hacking

Microsoft, PayPal, Docusign, and others are among the trusted brands threat actors use in socially engineered scams that try to get victims to call adversary-controlled phone numbers. Read More  

 Let’s Encrypt, the world’s largest certificate authority, has achieved a significant milestone by issuing its first SSL/TLS certificate for an IP address on July 1, 2025. This development marks a…

This week in cybersecurity from the editors at Cybercrime Magazine Sausalito, Calif. – Jul. 3, 2025 – Read the full story in Bolde In an age where even your fridge…

 Two high-severity vulnerabilities in Anthropic’s Model Context Protocol (MCP) Filesystem Server enable attackers to escape sandbox restrictions and execute arbitrary code on host systems.  The vulnerabilities, designated CVE-2025-53109 and CVE-2025-53110,…

 Microsoft Corporation has confirmed a significant workforce reduction affecting approximately 9,000 employees, representing nearly 4% of its global workforce.  This strategic restructuring comes as the technology giant continues to navigate…

 The cybersecurity landscape has witnessed a dramatic escalation in pro-Russian hacktivist activities since the onset of 2025, with emerging alliances between established and newly formed groups launching increasingly sophisticated attacks…

[[{"value":"A vulnerability in the Catwatchful spyware allowed a security researcher to retrieve the usernames and passwords of over 62,000 accounts. The post Undetectable Android Spyware Backfires, Leaks 62,000 User Logins…

[[{"value":"Hardcoded SSH credentials in Cisco Unified CM and Unified CM SME could allow attackers to execute commands as root. The post Cisco Warns of Hardcoded Credentials in Enterprise Software appeared…

 The deluge of bargain-priced ads that flooded social networks during Latin America’s “Hot Sale 2025” has now been traced to a sprawling Chinese-built malware operation that weaponizes thousands of convincingly…

Cybersecurity researchers have uncovered over 40 malicious browser extensions for Mozilla Firefox that are designed to steal cryptocurrency wallet secrets, putting users' digital assets at risk. "These extensions impersonate legitimate wallet tools from widely-used platforms such as Coinbase, MetaMask, Trust Wallet, Phantom, Exodus, OKX, Keplr, MyMonero, Bitget, Leap, Ethereum Wallet, and Filfox

 The first quarter of 2025 has witnessed an unprecedented surge in ransomware attacks, with 2,314 victims listed across 74 unique data leak sites, representing a staggering 213% increase compared to…

If you’re evaluating AI-powered SOC platforms, you’ve likely seen bold claims: faster triage, smarter remediation, and less noise. But under the hood, not all AI is created equal. Many solutions rely on pre-trained AI models that are hardwired for a handful of specific use cases. While that might work for yesterday’s SOC, today's reality is different. Modern security operations teams face a

[[{"value":"SentinelOne says the fake Zoom update scam delivers ‘NimDoor’, a rare Nim-compiled backdoor. The post North Korean Hackers Use Fake Zoom Updates to Install macOS Malware appeared first on SecurityWeek."}]] Read More  

 A significant security vulnerability discovered in the widely used Sudo utility has remained hidden for over 12 years, potentially exposing millions of Linux and Unix systems to privilege escalation attacks. …

The French cybersecurity agency on Tuesday revealed that a number of entities spanning governmental, telecommunications, media, finance, and transport sectors in the country were impacted by a malicious campaign undertaken by a Chinese hacking group by weaponizing several zero-day vulnerabilities in Ivanti Cloud Services Appliance (CSA) devices. The campaign, detected at the beginning of