Latest Cybersecurity News and Articles


AI-Powered Rhadamanthys Stealer Targets Crypto Wallets with Image Recognition

02 October 2024
The threat actors behind the Rhadamanthys information stealer have added new advanced features to the malware, including using AI for optical character recognition (OCR) as part of what's called "Seed Phrase Image Recognition."

Researchers Sound Alarm on Active Attacks Exploiting Critical Zimbra Postjournal Flaw

02 October 2024
Cybersecurity researchers are warning about active exploitation attempts targeting a newly disclosed security flaw in Synacor's Zimbra Collaboration. Enterprise security firm Proofpoint said it began observing the activity starting September 28, 2024. The attacks seek to exploit CVE-2024-45519, a severe security flaw in its postjournal service that could enable unauthenticated attackers to

PyPI Repository Found Hosting Fake Crypto Wallet Recovery Tools That Steal User Data

02 October 2024
A new set of malicious packages has been unearthed in the Python Package Index (PyPI) repository that masqueraded as cryptocurrency wallet recovery and management services, only to siphon sensitive data and facilitate the theft of valuable digital assets. "The attack targeted users of Atomic, Trust Wallet, Metamask, Ronin, TronLink, Exodus, and other prominent wallets in the crypto ecosystem,"

Iran-linked Threat Group Handala Actively Targets Israel

02 October 2024
Handala's most serious claims are unverified, but the Iranian threat group's actions have led to numerous account suspensions and website shutdowns due to its persistent activities.

Cyble Researchers Uncover Sophisticated Attack Using VSCode for Remote Access

02 October 2024
Cyble researchers have uncovered a sophisticated campaign that starts with a suspicious .LNK file and uses VSCode to establish persistence and remote access – and installs the VSCode CLI if VSCode isn’t found on the victim machine.

Zimbra RCE Vuln Under Attack Needs Immediate Patching

02 October 2024
Attackers are actively targeting a severe remote code execution vulnerability that Zimbra recently disclosed in its SMTP server, heightening the urgency for affected organizations to patch vulnerable instances right away.

Crook made millions by breaking into execs’ Office365 inboxes, feds say

02 October 2024
Federal prosecutors have charged a man for an alleged “hack-to-trade” scheme that earned him millions of dollars by breaking into the Office365 accounts of executives at publicly traded companies.

New PyPI Malware Poses as Crypto Wallet Tools to Steal Private Keys

02 October 2024
Checkmarx researchers discovered PyPI malware posing as crypto wallet tools. These malicious packages stole private keys and recovery phrases, targeting wallets like Metamask, Trust Wallet, and Exodus.

AI-Powered Rhadamanthys Stealer Targets Crypto Wallets with Image Recognition

01 October 2024
The threat actors behind the Rhadamanthys information stealer have added new advanced features to the malware, including using artificial intelligence (AI) for optical character recognition (OCR) as part of what's called "Seed Phrase Image Recognition." "This allows Rhadamanthys to extract cryptocurrency wallet seed phrases from images, making it a highly potent threat for anyone dealing in

Cloud Security Firm Apono Raises $15.5 Million to Expand AI-Powered Access Management

01 October 2024
This latest investment, led by New Era Capital Partners, brings Apono's total funding to $20.5 million, positioning the company to lead the identity security market with its innovative AI-driven product.

PLANET Technology Switches Face Multiple Vulnerabilities, Urgent Firmware Updates Advised

01 October 2024
The Taiwan Computer Emergency Response Team (TWCERT/CC) has released a series of security advisories highlighting critical vulnerabilities affecting various PLANET Technology switch models.

Authorities Warn of Growing Iranian Spear Phishing Threat Against Journalists and Diplomats

01 October 2024
The UK and US issued a joint warning about the increasing Iranian spear phishing threat, attributing it to Iran's Islamic Revolutionary Guard Corps targeting individuals in Iranian and Middle Eastern affairs, as well as US political campaigns.

KartLANPwn Flaw Exploits Mario Kart 8 Deluxe LAN Play Feature for RCE

01 October 2024
The KartLANPwn vulnerability (CVE-2024-45200) targets Mario Kart 8 Deluxe's LAN Play feature, potentially allowing hackers to execute remote code on players' game consoles.

Logpoint Strengthens SIEM by Acquiring Muninn AI-Powered NDR

01 October 2024
Logpoint, a SIEM company based in Copenhagen, acquired Muninn, an AI-powered NDR startup, to enhance threat detection capabilities. Muninn's AI technology is designed to detect complex attacks in environments where traditional methods fall short.

JPCERT Shares Windows Event Log Tips to Detect Ransomware Attacks

01 October 2024
The investigation strategy shared by JPCERT/CC covers Application, Security, System, and Setup logs, which can reveal traces left by ransomware attacks and help identify the attack vector.

CISA Adds Four Actively Exploited Vulnerabilities to KEV Catalog

01 October 2024
CISA has issued an alert on four newly exploited vulnerabilities in its KEV catalog. The vulnerabilities include critical flaws in D-Link and DrayTek Vigor routers, Motion Spell GPAC, and SAP Commerce Cloud.

58% of organizations have experienced document-based identity fraud

01 October 2024
Survey data shows a significant rise in the prevalence of video deepfakes, with a 20% increase in companies reporting incidents compared to 2022.

Malicious Actors Use Infected PyPI Packages to Target Roblox Da Hood Game Cheaters

01 October 2024
Platforms like GitHub, Discord, and YouTube are used to distribute compromised game cheats, which contain malware such as Skuld Stealer and Blank Grabber, known for stealing sensitive information.

Researcher Details RCE Flaw (CVE-2024-36435) in Supermicro BMC IPMI Firmware

01 October 2024
A critical vulnerability, CVE-2024-36435, has been found in several Supermicro enterprise products, allowing unauthenticated attackers to exploit a buffer overflow in the Baseboard Management Controller (BMC) firmware, leading to RCE.

5 Actionable Steps to Prevent GenAI Data Leaks Without Fully Blocking AI Usage

01 October 2024
Since its emergence, Generative AI has revolutionized enterprise productivity. GenAI tools enable faster and more effective software development, financial analysis, business planning, and customer engagement. However, this business agility comes with significant risks, particularly the potential for sensitive data leakage. As organizations attempt to balance productivity gains with security