Infosecurity News
MostereRAT Targets Windows Users With Stealth Tactics
Phishing campaign unveiled MostereRAT, targeting Windows systems with advanced evasion techniques
Remote Access Abuse Biggest Pre-Ransomware Indicator
Cisco Talos found that abuse of remote services and remote access software are the most prevalent ‘pre-ransomware’ tactics deployed by threat actors
Qualys, Tenable Latest Victims of Salesloft Drift Hack
Palo Alto Networks, Cloudflare and Zscaler were also among confirmed victims of the attack
GhostAction Supply Chain Attack Compromises 3000+ Secrets
Security researchers have discovered a new malicious campaign impacting hundreds of GitHub users
SAP S/4HANA Users Urged to Patch Critical Exploited Bug
Critical SAP S/4HANA vulnerability CVE-2025-42957 is being exploited in the wild
Bridgestone Confirms "Limited Cyber Incident" Impacting Facilities in North America
Bridgestone Americas confirmed the incident but has not detailed the scope of the attack
South Carolina School District Data Breach Affects 31,000 People
An investigation has revealed that files were stolen in a data breach affecting a South Carolina school district
macOS Stealer Campaign Uses “Cracked” App Lures to Bypass Apple Security
Trend Micro observed the attackers using terminal-based installation methods for the AMOS malware, luring macOS users into installing cracked versions of apps
US and 14 Allies Release Joint Guidance on Software Bill of Materials
The joint guidance is a welcome first step towards a common, global adoption of SBOMs, experts argued
61% of US Companies Hit by Insider Data Breaches
The OPSWAT report found that insider breaches cost impacted firms $2.7m on average due to factors such as regulatory fines and diminished productivity
GhostRedirector Emerges as New China-Aligned Threat Actor
A newly identified hacking group named GhostRedirector has compromised 65 Windows servers using previously unknown tools
North Korean Hackers Exploit Threat Intel Platforms For Phishing
North Korean hackers have been observed exploiting cyber threat intelligence platforms in a campaign targeting job seekers with malware-laced lures
CMS Provider Sitecore Patches Exploited Critical Zero Day
Google Cloud’s Mandiant successfully disrupted an active ViewState deserialization attack affecting Sitecore deployments
Scattered Spider-Linked Group Claims JLR Cyber-Attack
JLR said it is investigating following claims by the actor “Scattered Lapsus$ Hunters” that it had stolen data from the firm and had issued an extortion demand
Threat Actors Abuse Hexstrike-AI Tool to Accelerate Exploitation
Hackers are using legitimate red team tool Hexstrike-AI to simplify and speed up vulnerability exploitation
Healthcare Sector Takes 58 Days to Resolve Serious Vulnerabilities
A new Cobalt study finds healthcare organizations among the slowest at resolving serious vulnerabilities
Malicious npm Packages Exploit Ethereum Smart Contracts
A malicious campaign using Ethereum smart contracts has been observed targeting developers via npm and GitHub
Russian APT28 Expands Arsenal with 'NotDoor' Outlook Backdoor
The backdoor is a sophisticated VBA-based malware targeting Microsoft Outlook
Cloudflare and Palo Alto Networks Victimized in Salesloft Drift Breach
Cloudflare has notified customers that hackers may have accessed their data as part of the Salesloft Drift campaign
Tycoon Phishing Kit Utilizes New Capabilities to Hide Malicious Links
Barracuda observed new methods to disguise phishing links in Tycoon phishing attacks, which are designed to bypass automated email security systems
