cybersecurity threat intelligence

From Cyber Security News – Sec-Gemini v1 – Google Released a New AI Model for Cybersecurity

Google has made a big move to fight cyber threats by announcing Sec-Gemini v1, an experimental AI model designed to revolutionize cybersecurity. Elie Burzstein and Marianna Tishchenko from the Sec-Gemini…

shaikh Saqib April 5, 2025

News

From The Hacker News – SpotBugs Access Token Theft Identified as Root Cause of GitHub Supply Chain Attack

The cascading supply chain attack that initially targeted Coinbase before becoming more widespread to single out users of the "tj-actions/changed-files" GitHub Action has been traced further back to the theft of a personal access token (PAT) related to SpotBugs. "The attackers obtained initial access by taking advantage of the GitHub Actions workflow of SpotBugs, a popular open-source tool for

shaikh Saqib April 4, 2025

Vulnerabilities

From Cybersecurity Help – DPRK IT worker threat expands beyond the US, focuses on Europe

The schemes come with new tactics, including extortion campaigns and corporate virtualized infrastructure compromises. Read More

Samir K April 2, 2025

News

From Dark Reading – As CISA Downsizes, Where Can Enterprises Get Support?

In this roundtable, cybersecurity experts — including two former CISA executives — weigh in on alternate sources for threat intel, incident response, and other essential cybersecurity services. Read More

shaikh Saqib April 2, 2025

News

From Cyber Security News – DarkCloud – An Advanced Stealer Malware Selling Via Telegram To Steal Data From Windows

DarkCloud is a sophisticated stealer malware that emerged in 2022, quickly positioning itself as one of the most prevalent threats in its category. This Windows-targeting malware has evolved significantly to…

shaikh Saqib March 31, 2025

News

From The Hacker News – ⚡ Weekly Recap: Chrome 0-Day, IngressNightmare, Solar Bugs, DNS Tactics, and More

Every week, someone somewhere slips up—and threat actors slip in. A misconfigured setting, an overlooked vulnerability, or a too-convenient cloud tool becomes the perfect entry point. But what happens when the hunters become the hunted? Or when old malware resurfaces with new tricks? Step behind the curtain with us this week as we explore breaches born from routine oversights—and the unexpected

shaikh Saqib March 31, 2025

News

From Cyber Security News – CISA Warns of ESURGE Malware Exploiting Ivanti RCE Vulnerability

The Cybersecurity and Infrastructure Security Agency (CISA) has issued a Malware Analysis Report (MAR-25993211-r1.v1) detailing the exploitation of a critical vulnerability in Ivanti Connect Secure devices (CVE-2025-0282). This vulnerability allows…

shaikh Saqib March 29, 2025

News

From Security Week – 9-Year-Old NPM Crypto Package Hijacked for Information Theft

[[{"value":"Nearly a dozen crypto packages on NPM, including one published 9 years ago, have been hijacked to deliver infostealers. The post 9-Year-Old NPM Crypto Package Hijacked for Information Theft appeared…

shaikh Saqib March 28, 2025

News

From The Hacker News – CoffeeLoader Uses GPU-Based Armoury Packer to Evade EDR and Antivirus Detection

Cybersecurity researchers are calling attention to a new sophisticated malware called CoffeeLoader that's designed to download and execute secondary payloads. The malware, according to Zscaler ThreatLabz, shares behavioral similarities with another known malware loader known as SmokeLoader. "The purpose of the malware is to download and execute second-stage payloads while evading

shaikh Saqib March 28, 2025

News

From Cyber Security News – Weaponized Google Ads Attacking DeepSeek Users to Deliver Malware

Cybercriminals have launched a sophisticated attack campaign leveraging Google’s sponsored search results to target users searching for DeepSeek, the increasingly popular AI platform. The attack uses convincingly crafted fake advertisements…

shaikh Saqib March 28, 2025

News

From The Hacker News – PJobRAT Malware Campaign Targeted Taiwanese Users via Fake Chat Apps

An Android malware family previously observed targeting Indian military personnel has been linked to a new campaign likely aimed at users in Taiwan under the guise of chat apps. "PJobRAT can steal SMS messages, phone contacts, device and app information, documents, and media files from infected Android devices," Sophos security researcher Pankaj Kohli said in a Thursday analysis. PJobRAT, first

shaikh Saqib March 28, 2025

News

From Cyber Security News – GorillaBot Attacks Windows Devices With 300,000+ Attack Commands Across 100+ Countries

A new botnet named “GorillaBot,” has orchestrated over 300,000 attack commands across more than 100 countries within a span of just three weeks. Built on the infamous Mirai botnet framework,…

shaikh Saqib March 27, 2025

News

From The Hacker News – New SparrowDoor Backdoor Variants Found in Attacks on U.S. and Mexican Organizations

The Chinese threat actor known as FamousSparrow has been linked to a cyber attack targeting a trade group in the United States and a research institute in Mexico to deliver its flagship backdoor SparrowDoor and ShadowPad. The activity, observed in July 2024, marks the first time the hacking crew has deployed ShadowPad, a malware widely shared by Chinese state-sponsored actors. "FamousSparrow

shaikh Saqib March 26, 2025

News

From Cyber Security News – SectopRAT as Weaponized Cloudflare Turnstile Challenge Attacks Windows Users

A sophisticated new malware strain dubbed SectopRAT has emerged, leveraging Cloudflare’s Turnstile challenge system as part of its attack methodology. This Remote Access Trojan specifically targets Windows users through a…

shaikh Saqib March 26, 2025

News

From Security Week – AMTSO Releases Sandbox Evaluation Framework

[[{"value":"AMTSO has developed a Sandbox Evaluation Framework to standardize the testing of malware analysis solutions. The post AMTSO Releases Sandbox Evaluation Framework appeared first on SecurityWeek."}]] Read More

shaikh Saqib March 26, 2025