Cyber News 140

20 Million Trusted Domains Vulnerable to Email Hosting Exploits

Three newly discovered SMTP smuggling attack techniques can exploit misconfigurations and design decisions made by at least 50 email-hosting providers.…

Cyber Insight

Criminal Gang Physically Assaulting People for Their Cryptocurrency

This is pretty horrific: …a group of men behind a violent crime spree designed to compel victims to hand over…

Cyber Insight

Alert: HotPage Adware Disguised as Ad Blocker Installs Malicious Kernel Driver

Cybersecurity researchers have shed light on an adware module that purports to block ads and malicious websites, while stealthily offloading…

Cyber Insight

AI Remains a Wild Card in the War Against Disinformation

Digital literacy and protective measures will be key to detecting disinformation and deepfakes as AI is used to shape public…

Cyber Insight

AppSec Webinar: How to Turn Developers into Security Champions

Let’s face it: AppSec and developers often feel like they’re on opposing teams. You’re battling endless vulnerabilities while they just…

Cyber Insight

Automated Threats Pose Increasing Risk to the Travel Industry

As the travel industry rebounds post-pandemic, it is increasingly targeted by automated threats, with the sector experiencing nearly 21% of…

Cyber Insight

TAG-100: New Threat Actor Uses Open-Source Tools for Widespread Attacks

Unknown threat actors have been observed leveraging open-source tools as part of a suspected cyber espionage campaign targeting global government…

Cyber Insight

SAP AI Core Vulnerabilities Expose Customer Data to Cyber Attacks

Cybersecurity researchers have uncovered security shortcomings in SAP AI Core cloud-based platform for creating and deploying predictive artificial intelligence (AI)…

Cyber Insights

Breaking

Over 1,500 PostgreSQL Servers Compromised in Fileless Cryptocurrency Mining Campaign

Preventing and Detecting Advanced Phishing Attacks: Evilginx and AiTM Proxies

Over 1,000 WordPress Sites Infected with JavaScript Backdoors Enabling Persistent Attacker Access

OpenAI Operator Agent Used in Proof-of-Concept Phishing Attack

GitHub Uncovers New ruby-saml Vulnerabilities Allowing Account Takeover Attacks

Over 1,500 PostgreSQL Servers Compromised in Fileless Cryptocurrency Mining Campaign

Preventing and Detecting Advanced Phishing Attacks: Evilginx and AiTM Proxies

Over 1,000 WordPress Sites Infected with JavaScript Backdoors Enabling Persistent Attacker Access

OpenAI Operator Agent Used in Proof-of-Concept Phishing Attack

Be Mindful of Social Media Privacy

Twitter CEO’s account hacked via SIM-card swap attack

No one is immune to phishing attack

Password – the Gate of Hell of the Digital Age

Over 1,500 PostgreSQL Servers Compromised in Fileless Cryptocurrency Mining Campaign

Over 1,000 WordPress Sites Infected with JavaScript Backdoors Enabling Persistent Attacker Access

OpenAI Operator Agent Used in Proof-of-Concept Phishing Attack

GitHub Uncovers New ruby-saml Vulnerabilities Allowing Account Takeover Attacks

20 Million Trusted Domains Vulnerable to Email Hosting Exploits

Criminal Gang Physically Assaulting People for Their Cryptocurrency

Alert: HotPage Adware Disguised as Ad Blocker Installs Malicious Kernel Driver

AI Remains a Wild Card in the War Against Disinformation

AppSec Webinar: How to Turn Developers into Security Champions

Automated Threats Pose Increasing Risk to the Travel Industry

TAG-100: New Threat Actor Uses Open-Source Tools for Widespread Attacks

SAP AI Core Vulnerabilities Expose Customer Data to Cyber Attacks

You Missed

Over 1,500 PostgreSQL Servers Compromised in Fileless Cryptocurrency Mining Campaign

Preventing and Detecting Advanced Phishing Attacks: Evilginx and AiTM Proxies

Over 1,000 WordPress Sites Infected with JavaScript Backdoors Enabling Persistent Attacker Access

OpenAI Operator Agent Used in Proof-of-Concept Phishing Attack