ICYMI: 2025-05-20
Latest Headlines
Hazy Hawk Exploits DNS Records to Hijack CDC, Corporate Domains for Malware Delivery
100+ Fake Chrome Extensions Found Hijacking Sessions, Stealing Credentials, Injecting Ads
AWS Default IAM Roles Found to Enable Lateral Movement and Cross-Service Exploitation
The Crowded Battle: Key Insights from the 2025 State of Pentesting Report
South Asian Ministries Hit by SideWinder APT Using Old Office Flaws and Custom Malware
Chinese Hackers Deploy MarsSnake Backdoor in Multi-Year Attack on Saudi Organization
Go-Based Malware Deploys XMRig Miner on Linux Hosts via Redis Configuration Abuse
Malicious PyPI Packages Exploit Instagram and TikTok APIs to Validate User Accounts
NATO-Flagged Vulnerability Tops Latest VMware Security Patch Batch
Vulnerability Exploitation Probability Metric Proposed by NIST, CISA Researchers
Event Preview: 2025 Threat Detection & Incident Response (Virtual) Summit
TrustCloud Raises $15 Million for Security Assurance Platform
CloudSEK Raises $19 Million for Threat Intelligence Platform
Madhu Gottumukkala Officially Announced as CISA Deputy Director
Kimsuky APT Group Uses Using Powershell Payloads to Deliver XWorm RAT
More_Eggs Malware Exploits Job Application Emails to Deliver Malicious Payloads
New RedisRaider Campaign Attacking Linux Servers by Abusing Redis Configuration
Preventing App-Based Threats on Android Devices – 2025’s Security Landscape
Hackers Exploit TikTok & Instagram APIs to Validate Stolen Accounts
Hackers Attacking Organizations with Weaponized RAR Archive to Deliver Pure Malware
OneDrive New Feature of Syncing Personal & Corporate Account is Rolling Out
How to Enable iOS Lockdown Mode for Enhanced Protection Against Sophisticated Cyber Threats
PowerSchool hacker pleads guilty to student data extortion scheme
Mobile carrier Cellcom confirms cyberattack behind extended outages
Premium WordPress ‘Motors’ theme vulnerable to admin takeover attacks
SK Telecom says malware breach lasted 3 years, impacted 27 million numbers
Hazy Hawk gang exploits DNS misconfigs to hijack trusted domains
RVTools hit in supply chain attack to deliver Bumblebee malware
– MTZ