ICYMI: 2025-02-14
Latest Headlines
New “whoAMI” Attack Exploits AWS AMI Name Confusion for Remote Code Execution
Lazarus Group Deploys Marstech1 JavaScript Implant in Targeted Developer Attacks
AI-Powered Social Engineering: Ancillary Tools and Techniques
Microsoft: Russian-Linked Hackers Using ‘Device Code Phishing’ to Hijack Accounts
RansomHub Becomes 2024’s Top Ransomware Group, Hitting 600+ Organizations Globally
PostgreSQL Vulnerability Exploited Alongside BeyondTrust Zero-Day in Targeted Attacks
Virginia Attorney General’s Office Struck by Cyberattack Targeting Attorneys’ Computer Systems
Sean Cairncross is Trump Nominee for National Cyber Director
In Other News: $10,000 YouTube Flaw, Cybereason CEO Sues Investors, New OT Security Tool
SonicWall Firewall Vulnerability Exploited After PoC Publication
Salt Typhoon Targeting Old Cisco Vulnerabilities in Fresh Telecom Hacks
New Windows Zero-Day Exploited by Chinese APT: Security Firm
Lazarus Group Infostealer Malwares Attacking Developers In New Campaign
XELERA Ransomware Attacking Job Seekers With Weaponized Word Documents
EarthKapre APT Drops Weaponized PDF to Compromise Windows Systems
Lazarus Group Using New Malware Tactic To Attack Developers Globally
North Korean IT Workers Infiltrate International Companies To Plant Backdoors on Systems
Beware of Malicious Browser Updates That Installs SocGholish Malware
CISA Releases 20 ICS Advisories Detailing Vulnerabilities & Exploits
NVIDIA Container Toolkit Vulnerability Let Attackers Execute Code
Apache Fineract SQL Injection Vulnerability Let Inject Malicious Data
New Astaroth 2FA Phishing Kit Targeting Gmail, Yahoo, Office 365, and 3rd-Party Logins
Hackers exploit authentication bypass in Palo Alto Networks PAN-OS
SonicWall firewall bug leveraged in attacks after PoC exploit release
Malicious PirateFi game infects Steam users with Vidar malware
Chinese hackers breach more US telecoms via unpatched Cisco routers
– MTZ