Infosecurity News
ShadowV2 Botnet Exposes Rise of DDoS-as-a-service Platforms
New campaign merges traditional malware with DevOps tools, using GitHub CodeSpaces for DDoS attacks
Vegas Gambling Giant Hit by Cyber Incident, Employee Data Exposed
Boyd Gaming Corporation has disclosed that an unauthorized actor removed data from its systems, including information about employees and other individuals
Cell Tower Hacking Gear Seized Ahead of UN General Assembly
The equipment could be used to disable cell phone towers and conduct denial-of-services attacks across New York City
Federal Agency Compromised Via GeoServer Exploit, CISA Reveals
An unnamed federal agency was hacked last year after threat actors exploited a critical GeoServer vulnerability
European Police Bust €100m Crypto-Fraud Ring
Police have arrested five suspects linked to a €100m cryptocurrency fraud ring
Iranian Hacking Group Nimbus Manticore Expands European Targeting
Nimbus Manticore intensified European cyber-espionage, targeting aerospace, telecom, defense sectors
Deepfake Attacks Hit Two-Thirds of Businesses
Gartner research found that 62% of organizations have experienced a deepfake attack in the past 12 months
Critical Security Flaws Grow with AI Use, New Report Shows
Rising hardware, API, and network flaws expose organizations to new risks in an AI-driven landscape
Attacker Breakout Time Falls to 18 Minutes
ReliaQuest report claims time from initial access to lateral movement has shrunk to just 18 minutes
Car Giant Stellantis Confims Third-Party Breach
Stellantis confirmed that customers’ personal information was potentially exposed
Jaguar Land Rover Extends Production Pause Again
UK carmaker Jaguar Land Rover has said production will remain shuttered until October 1
Organizations Must Update Defenses to Scattered Spider Tactics, Experts Urge
Experts at a Gartner event highlighted areas of focus in identity, processes and third-party risk management to tackle the novel tactics employed by Scattered Spider
Major Cyber Threat Detection Vendors Pull Out of MITRE Evaluations Test
MITRE said it understands why Microsoft, SentinelOne and Palo Alto pulled out of its 2025 of ATT&CK Evaluations test – and promises to do better next year
FBI Says Threat Actors Are Spoofing its IC3 Site
The FBI has warned that adversaries have published fake versions of its cybercrime reporting portal IC3
Airport Chaos Enters Third Day After Supply Chain Attack
Heathrow, Brussels, Dublin and Berlin airports are among those disrupted by a cyber-attack on Collins Aerospace
Russian State Hackers Collaborate in Attacks Against Ukraine
ESET found that the FSB-affiliated groups, Gamaredon and Turla, are sharing tools to help conduct espionage attacks against Ukrainian organizations
Zero-Click Vulnerability in ChatGPT's Agent Enables Silent Gmail Data Theft
Researchers at Radware found a zero-click flaw in ChatGPT Deep Research agent when connected to Gmail and browsing
Attackers Abuse AI Tools to Generate Fake CAPTCHAs in Phishing Attacks
Trend Micro said the use of AI platforms to create and host fake CAPTCHA pages helps attackers develop more sophisticated phishing campaigns at scale and speed
Pair of Suspected Scattered Spider Hackers Charged by UK, US Authorities
One of the teenage suspects is accused of involvement in at least 120 attacks, resulting in $115m in ransom payments
New York Blood Center Alerts 194,000 People to Data Breach
A breach at the New York Blood Center resulted in theft of data for 194,000 people, including SSNs, IDs, bank and health information
