Play
You must login to view this content
Aggregator
Play
10 months 1 week ago
You must login to view this content
cohenido
Play
10 months 1 week ago
You must login to view this content
cohenido
Play
10 months 1 week ago
You must login to view this content
cohenido
Akira ransomware abuses CPU tuning tool to disable Microsoft Defender
10 months 1 week ago
Akira ransomware is abusing a legitimate Intel CPU tuning driver to turn off Microsoft Defender in attacks from security tools and EDRs running on target machines. [...]
Bill Toulas
Fake VPN and Spam Blocker Apps Tied to VexTrio Used in Ad Fraud, Subscription Scams
10 months 1 week ago
The malicious ad tech purveyor known as VexTrio Viper has been observed developing several malicious apps that have been published on Apple and Google's official app storefronts under the guise of seemingly useful applications.
These apps masquerade as VPNs, device "monitoring" apps, RAM cleaners, dating services, and spam blockers, DNS threat intelligence firm Infoblox said in an exhaustive
The Hacker News
#BHUSA: Researchers Expose Infrastructure Behind Cybercrime Network VexTrio
10 months 1 week ago
According to Infoblox’s new report, the VexTrio cybercrime-enabling network originates from Italy and Eastern Europe
VexTrio Cybercrime Outfit Run by Legit Ad Tech Firms
10 months 1 week ago
New research reveals that a malicious traffic distribution system (TDS) is run not by "hackers in hoodies," but by a series of corporations operating in the commercial digital advertising industry.
Rob Wright
Думали — хлам, оказалось — революция. Забытая частица делает плетение анионов Изинга универсальным для квантовых компьютеров
10 months 1 week ago
Исследователи нашли применение тому, что раньше считалось «математическим мусором».
Threat Actors Exploit Smart Contracts to Drain Over $900K from Crypto Wallets
10 months 1 week ago
SentinelLABS has exposed a sophisticated series of cryptocurrency scams where threat actors distribute malicious smart contracts masquerading as automated trading bots, resulting in the drainage of user wallets exceeding $900,000 USD. These scams leverage obfuscated Solidity code deployed on platforms like the Remix Solidity Compiler, targeting Ethereum-based ecosystems. The campaigns, active since early 2024, employ […]
The post Threat Actors Exploit Smart Contracts to Drain Over $900K from Crypto Wallets appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
Aman Mishra
Medusa Blog
10 months 1 week ago
You must login to view this content
cohenido
QilinSecuro
10 months 1 week ago
You must login to view this content
cohenido
Mustang Panda Targets Windows Users with ToneShell Malware Disguised as Google Chrome
10 months 1 week ago
The China-aligned threat actor Mustang Panda, also known as Earth Preta, HIVE0154, RedDelta, and Bronze President, has been deploying the ToneShell backdoor against Windows users, primarily targeting government and military entities in the Asia-Pacific and Europe. Active since at least 2012, the group leverages spear-phishing emails with military-themed lures to deliver malicious archives, such as […]
The post Mustang Panda Targets Windows Users with ToneShell Malware Disguised as Google Chrome appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
Aman Mishra
Akira and Lynx Ransomware Attacking Managed Service Providers With Stolen Login Credential and Vulnerabilities
10 months 1 week ago
Two sophisticated ransomware operations have emerged as significant threats to managed service providers (MSPs) and small businesses, with the Akira and Lynx groups deploying advanced attack techniques that combine stolen credentials with vulnerability exploitation. These ransomware-as-a-service (RaaS) operations have collectively compromised over 365 organizations, demonstrating their effectiveness in targeting high-value infrastructure providers that serve multiple […]
The post Akira and Lynx Ransomware Attacking Managed Service Providers With Stolen Login Credential and Vulnerabilities appeared first on Cyber Security News.
Tushar Subhra Dutta
Strong regulation can nudge automakers to improve customers’ privacy, research suggests
10 months 1 week ago
Fines from a state regulator pushed one car maker to improve the data privacy on its website and customer portal, and others seem to have taken notice, according to new ratings from the watchdog Privacy4Cars.
Tornado Cash cofounder dodges money laundering conviction, found guilty of lesser charge
10 months 1 week ago
Tornado Cash cofounder Roman Storm was found guilty of conspiring to operate an unlicensed money-transmitting business, while the jury failed to reach a ruling on more significant charges around money laundering and sanctions violations.
CVE-2025-8613 | Vacron Camera Ping Command command injection
10 months 1 week ago
A vulnerability has been found in Vacron Camera and classified as critical. Affected by this vulnerability is an unknown functionality of the component Ping Command Handler. The manipulation leads to command injection.
This vulnerability is known as CVE-2025-8613. The attack can be launched remotely. There is no exploit available.
vuldb.com
CVE-2025-8611 | AOMEI Cyber Backup missing authentication
10 months 1 week ago
A vulnerability, which was classified as critical, was found in AOMEI Cyber Backup. Affected is an unknown function. The manipulation leads to missing authentication.
This vulnerability is traded as CVE-2025-8611. It is possible to launch the attack remotely. There is no exploit available.
vuldb.com
CVE-2025-8612 | AOMEI Backupper Workstation link following
10 months 1 week ago
A vulnerability, which was classified as critical, has been found in AOMEI Backupper Workstation. This issue affects some unknown processing. The manipulation leads to link following.
The identification of this vulnerability is CVE-2025-8612. It is possible to launch the attack on the local host. There is no exploit available.
vuldb.com
CVE-2025-8610 | AOMEI Cyber Backup missing authentication
10 months 1 week ago
A vulnerability classified as critical was found in AOMEI Cyber Backup. This vulnerability affects unknown code. The manipulation leads to missing authentication.
This vulnerability was named CVE-2025-8610. The attack can be initiated remotely. There is no exploit available.
vuldb.com