Aggregator

AI vs. AI: Detecting an AI-obfuscated phishing campaign

Threat intelligence | Microsoft Security Blog
9 months ago

Microsoft Threat Intelligence recently detected and blocked a credential phishing campaign that likely used AI-generated code to obfuscate its payload and evade traditional defenses, demonstrating a broader trend of attackers leveraging AI to increase the effectiveness of their operations and underscoring the need for defenders to understand and anticipate AI-driven threats.

The post AI vs. AI: Detecting an AI-obfuscated phishing campaign appeared first on Microsoft Security Blog.

Microsoft Threat Intelligence

AI vs. AI: Detecting an AI-obfuscated phishing campaign

Threat intelligence | Microsoft Security Blog
9 months ago

Microsoft Threat Intelligence recently detected and blocked a credential phishing campaign that likely used AI-generated code to obfuscate its payload and evade traditional defenses, demonstrating a broader trend of attackers leveraging AI to increase the effectiveness of their operations and underscoring the need for defenders to understand and anticipate AI-driven threats.

The post AI vs. AI: Detecting an AI-obfuscated phishing campaign appeared first on Microsoft Security Blog.

Microsoft Threat Intelligence

How One Bad Password Ended a 158-Year-Old Business

The Hackers News
9 months ago
Most businesses don't make it past their fifth birthday - studies show that roughly 50% of small businesses fail within the first five years. So when KNP Logistics Group (formerly Knights of Old) celebrated more than a century and a half of operations, it had mastered the art of survival. For 158 years, KNP adapted and endured, building a transport business that operated 500 trucks
The Hacker News

SolarWinds fixed a critical RCE flaw in its Web Help Desk software

Security Affairs
9 months ago
SolarWinds fixed a critical flaw in its Web Help Desk software that could allow attackers to execute arbitrary commands on vulnerable systems. SolarWinds has released hot fixes to address a critical flaw, tracked as CVE-2025-26399 (CVSS score: 9.8), affecting its Web Help Desk software. An attacker could exploit the flaw to execute arbitrary commands on susceptible […]
Pierluigi Paganini

Feds Tie ‘Scattered Spider’ Duo to $115M in Ransoms

Krebs on Security
9 months ago
U.S. prosecutors last week levied criminal hacking charges against 19-year-old U.K. national Thalha Jubair for allegedly being a core member of Scattered Spider, a prolific cybercrime group blamed for extorting at least $115 million in ransom payments from victims. The charges came as Jubair and an alleged co-conspirator appeared in a London court to face accusations of hacking into and extorting several large U.K. retailers, the London transit system, and healthcare providers in the United States.
BrianKrebs

Feds Tie ‘Scattered Spider’ Duo to $115M in Ransoms

Ransomware – Krebs on Security
9 months ago
U.S. prosecutors last week levied criminal hacking charges against 19-year-old U.K. national Thalha Jubair for allegedly being a core member of Scattered Spider, a prolific cybercrime group blamed for extorting at least $115 million in ransom payments from victims. The charges came as Jubair and an alleged co-conspirator appeared in a London court to face accusations of hacking into and extorting several large U.K. retailers, the London transit system, and healthcare providers in the United States.
BrianKrebs

CVE-2025-10890 | Google Chrome up to 140.0.7339.185 V8 information disclosure

VulDB Recent Entries
9 months ago
A vulnerability has been found in Google Chrome and classified as problematic. Affected by this vulnerability is an unknown functionality of the component V8. This manipulation causes information disclosure. The identification of this vulnerability is CVE-2025-10890. It is possible to initiate the attack remotely. There is no exploit available. The affected component should be upgraded.
vuldb.com

CVE-2025-39890 | Linux Kernel up to 6.6.93/6.12.33/6.15.2 wifi ath12k_service_ready_ext_event memory leak

VulDB Recent Entries
9 months ago
A vulnerability, which was classified as critical, was found in Linux Kernel up to 6.6.93/6.12.33/6.15.2. Affected is the function ath12k_service_ready_ext_event of the component wifi. The manipulation results in memory leak. This vulnerability was named CVE-2025-39890. The attack needs to be approached within the local network. There is no available exploit. You should upgrade the affected component.
vuldb.com

CVE-2025-39889 | Linux Kernel up to 5.15.180/6.1.134/6.6.87/6.12.24/6.14.3 Bluetooth information disclosure

VulDB Recent Entries
9 months ago
A vulnerability, which was classified as critical, has been found in Linux Kernel up to 5.15.180/6.1.134/6.6.87/6.12.24/6.14.3. This impacts an unknown function of the component Bluetooth. The manipulation leads to information disclosure. This vulnerability is uniquely identified as CVE-2025-39889. The attack can only be initiated within the local network. No exploit exists. It is advisable to upgrade the affected component.
vuldb.com

Hackers Can Bypass EDR by Downloading a Malicious File as an In-Memory PE Loader

Cyber Security News
9 months ago

A sophisticated technique that allows attackers to execute malicious code directly in memory is gaining traction, posing a significant challenge to modern Endpoint Detection and Response (EDR) solutions. This method, which involves an in-memory Portable Executable (PE) loader, enables a threat actor to run an executable within an already trusted process, effectively bypassing security checks […]

The post Hackers Can Bypass EDR by Downloading a Malicious File as an In-Memory PE Loader appeared first on Cyber Security News.

Guru Baran

OnePlus OxygenOS Vulnerability Lets Apps Access SMS Data Without User Permission

GBHackers on Security | #1 Globally Trusted Cyber Security News Platform
9 months ago

A newly disclosed flaw in OnePlus OxygenOS lets any app on a device read SMS and MMS messages without asking the user. Tracked as CVE-2025-10184, the issue stems from a permission bypass in the Telephony content provider (com.android.providers.telephony). Normally, apps must hold the Android READ_SMS permission and prompt the user before accessing text messages. In […]

The post OnePlus OxygenOS Vulnerability Lets Apps Access SMS Data Without User Permission appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Divya

Managed ad