Hot stuff

Attackers use “Contact Us” forms and fake NDAs to phish industrial manufacturing firms

backdoor, Check Point, Don't miss, Heroku, Hot stuff, manufacturing sector, News, phishing /

Attackers use “Contact Us” forms and fake NDAs to phish industrial manufacturing firms 2025-08-29 at 14:19 By Zeljka Zorz A recently uncovered phishing campaign – carefully designed to bypass security defenses and avoid detection by its intended victims – is targeting firms in industrial manufacturing and other companies critical to various supply chains, Check Point […]

React to this headline:

Loading spinner

Attackers use “Contact Us” forms and fake NDAs to phish industrial manufacturing firms Read More »

New framework aims to outsmart malware evasion tricks

Aryaka, cybersecurity, Don't miss, Features, framework, Hot stuff, machine learning, Malware, News, research /

New framework aims to outsmart malware evasion tricks 2025-08-29 at 10:03 By Mirko Zorz Attackers have learned how to trick machine learning malware detectors with small but clever code changes, and researchers say they may finally have an answer. In a new paper, academics from Inria and the CISPA Helmholtz Center for Information Security describe

React to this headline:

Loading spinner

New framework aims to outsmart malware evasion tricks Read More »

Agentic AI coding assistant helped attacker breach, extort 17 distinct organizations

Anthropic, APT, Artificial Intelligence, cybercriminals, data theft, Don't miss, ESET, extortion, Hot stuff, LLMs, News, North Korea /

Agentic AI coding assistant helped attacker breach, extort 17 distinct organizations 2025-08-28 at 15:29 By Zeljka Zorz Cybercriminals have started “vibe hacking” with AI’s help, AI startup Anthropic has shared in a report released on Wednesday. An attacker used the agentic AI coding assistant Claude Code for nearly all steps of a data extortion operation

React to this headline:

Loading spinner

Agentic AI coding assistant helped attacker breach, extort 17 distinct organizations Read More »

ScamAgent shows how AI could power the next wave of scam calls

Artificial Intelligence, CISO, cybercrime, Don't miss, Features, Hot stuff, News, Qualys, research, scams /

ScamAgent shows how AI could power the next wave of scam calls 2025-08-28 at 09:03 By Mirko Zorz Scam calls have long been a problem for consumers and enterprises, but a new study suggests they may soon get an upgrade. Instead of a human scammer on the other end of the line, future calls could

React to this headline:

Loading spinner

ScamAgent shows how AI could power the next wave of scam calls Read More »

Hundreds of Salesforce customer orgs hit in clever attack with potentially huge blast radius

AppOmni, cloud security, credentials, data theft, Don't miss, Google, Hot stuff, News, OAuth, Salesforce, third party compromise /

Hundreds of Salesforce customer orgs hit in clever attack with potentially huge blast radius 2025-08-27 at 17:47 By Zeljka Zorz A threat group Google tracks as UNC6395 has pilfered troves of data from Salesforce corporate instances, in search of credentials that can be used to compromise those organizations’ environments. “[Google Threat Intelligence Group] observed UNC6395

React to this headline:

Loading spinner

Hundreds of Salesforce customer orgs hit in clever attack with potentially huge blast radius Read More »

300k+ Plex Media Server instances still vulnerable to attack via CVE-2025-34158

Don't miss, Hot stuff, News, Plex Media Server, security update, streaming device, vulnerability /

300k+ Plex Media Server instances still vulnerable to attack via CVE-2025-34158 2025-08-27 at 14:29 By Zeljka Zorz Over 300,000 internet-facing Plex Media Server instances are still vulnerable to attack via CVE-2025-34158, a critical vulnerability for which Plex has issued a fix for earlier this month, Censys has warned. About CVE-2025-34158 Plex Media Server (PMS) is

React to this headline:

Loading spinner

300k+ Plex Media Server instances still vulnerable to attack via CVE-2025-34158 Read More »

AI Security Map: Linking AI vulnerabilities to real-world impact

AppOmni, Artificial Intelligence, CISO, cybersecurity, Don't miss, Features, Hot stuff, LLMs, News, research, Vectra AI /

AI Security Map: Linking AI vulnerabilities to real-world impact 2025-08-27 at 09:40 By Mirko Zorz A single prompt injection in a customer-facing chatbot can leak sensitive data, damage trust, and draw regulatory scrutiny in hours. The technical breach is only the first step. The real risk comes from how quickly one weakness in an AI

React to this headline:

Loading spinner

AI Security Map: Linking AI vulnerabilities to real-world impact Read More »

How compliance teams can turn AI risk into opportunity

Artificial Intelligence, CISO, Compliance, cybersecurity, Don't miss, Drata, Features, Hot stuff, News, opinion, regulation, strategy /

How compliance teams can turn AI risk into opportunity 2025-08-27 at 08:52 By Mirko Zorz AI is moving faster than regulation, and that creates opportunities and risks for compliance teams. While governments work on new rules, businesses cannot sit back and wait. In this Help Net Security video, Matt Hillary, CISO at Drata, look at

React to this headline:

Loading spinner

How compliance teams can turn AI risk into opportunity Read More »

NetScaler ADC/Gateway zero-day exploited by attackers (CVE-2025-7775)

0-day, backdoor, Citrix, Don't miss, Hot stuff, NetScaler, News, web shell /

NetScaler ADC/Gateway zero-day exploited by attackers (CVE-2025-7775) 2025-08-26 at 16:35 By Zeljka Zorz Three new vulnerabilities affecting (Citrix) NetScaler application delivery controller (ADC) and Gateway devices have been made public, one of which (CVE-2025-7775) has been targeted in zero-day attacks. “Exploits of CVE-2025-7775 on unmitigated appliances have been observed,” Citrix has confirmed, and released security

React to this headline:

Loading spinner

NetScaler ADC/Gateway zero-day exploited by attackers (CVE-2025-7775) Read More »

Git vulnerability leading to RCE is being exploited by attackers (CVE-2025-48384)

CISA, Don't miss, Git, Hot stuff, News, PoC, software development, vulnerability /

Git vulnerability leading to RCE is being exploited by attackers (CVE-2025-48384) 2025-08-26 at 13:47 By Zeljka Zorz CVE-2025-48384, a recently patched vulnerability in the popular distributed revision control system Git, is being exploited by attackers. Details about the attacks are not public, but the confirmation of exploitation comes from the US Cybersecurity and Infrastructure Security

React to this headline:

Loading spinner

Git vulnerability leading to RCE is being exploited by attackers (CVE-2025-48384) Read More »

Protecting farms from hackers: A Q&A with John Deere’s Deputy CISO

CISO, critical infrastructure, cyber risk, cybersecurity, Don't miss, embedded systems, Features, Hot stuff, News, opinion, Risk Management, strategy /

Protecting farms from hackers: A Q&A with John Deere’s Deputy CISO 2025-08-26 at 09:24 By Mirko Zorz Agriculture is a connected, software-driven industry where cybersecurity is just as essential as tractors and harvesters. From embedded hardware in smart fleets to defending against advanced persistent threats, protecting the agricultural supply chain requires a layered, collaborative approach.

React to this headline:

Loading spinner

Protecting farms from hackers: A Q&A with John Deere’s Deputy CISO Read More »

LLMs at the edge: Rethinking how IoT devices talk and act

Artificial Intelligence, Don't miss, Features, Hot stuff, IEEE, Internet of Things, LLMs, networking, News, research, smart home, Sumo Logic /

LLMs at the edge: Rethinking how IoT devices talk and act 2025-08-26 at 08:01 By Mirko Zorz Anyone who has set up a smart home knows the routine: one app to dim the lights, another to adjust the thermostat, and a voice assistant that only understands exact phrasing. These systems call themselves smart, but in

React to this headline:

Loading spinner

LLMs at the edge: Rethinking how IoT devices talk and act Read More »

ScreenConnect admins targeted with spoofed login alerts

Don't miss, Hot stuff, MFA, Mimecast, MITM, MSP, News, Sophos, spear-phishing /

ScreenConnect admins targeted with spoofed login alerts 2025-08-25 at 17:56 By Zeljka Zorz ScreenConnect cloud administrators across all region and industries are being targeted with fake email alerts warning about a potentially suspicious login event. The goal of the attackers is to grab the login credentials and MFA tokens of Super Admins: users who have

React to this headline:

Loading spinner

ScreenConnect admins targeted with spoofed login alerts Read More »

Fake macOS help sites push Shamos infostealer via ClickFix technique

Check Point, CrowdStrike, Don't miss, ESET, Hot stuff, macOS, malvertising, Malware, Microsoft, News, social engineering /

Fake macOS help sites push Shamos infostealer via ClickFix technique 2025-08-25 at 15:23 By Zeljka Zorz Criminals are taking advantage of macOS users’ need to resolve technical issues to get them to infect their machines with the Shamos infostealer, Crowdstrike researchers have warned. To prevent macOS security features from blocking the installation, the malware peddlers

React to this headline:

Loading spinner

Fake macOS help sites push Shamos infostealer via ClickFix technique Read More »

Why a new AI tool could change how we test insider threat defenses

Artificial Intelligence, cyber risk, cybersecurity, Don't miss, Features, Hot stuff, Insider Threat, LLMs, News, research, Risk Management /

Why a new AI tool could change how we test insider threat defenses 2025-08-25 at 09:04 By Mirko Zorz Insider threats are among the hardest attacks to detect because they come from people who already have legitimate access. Security teams know the risk well, but they often lack the data needed to train systems that

React to this headline:

Loading spinner

Why a new AI tool could change how we test insider threat defenses Read More »

Why satellite cybersecurity threats matter to everyone

aerospace, CISO, cyber resilience, cyber risk, cybersecurity, Deloitte, Don't miss, Features, Hot stuff, News, opinion, strategy, tips, zero trust /

Why satellite cybersecurity threats matter to everyone 2025-08-25 at 08:34 By Mirko Zorz Satellites play a huge role in our daily lives, supporting everything from global communications to navigation, business, and national security. As space becomes more crowded and commercial satellite use grows, these systems are facing new cyber threats. The challenge is even greater

React to this headline:

Loading spinner

Why satellite cybersecurity threats matter to everyone Read More »

Review: Adversarial AI Attacks, Mitigations, and Defense Strategies

Artificial Intelligence, books, Don't miss, generative AI, Hot stuff, how-to, LLMs, machine learning, News, Review, Reviews, skill development, strategy, tips /

Review: Adversarial AI Attacks, Mitigations, and Defense Strategies 2025-08-25 at 07:50 By Mirko Zorz Adversarial AI Attacks, Mitigations, and Defense Strategies shows how AI systems can be attacked and how defenders can prepare. It’s essentially a walkthrough of offensive and defensive approaches to AI security. About the author John Sotiropoulos is the Head Of AI

React to this headline:

Loading spinner

Review: Adversarial AI Attacks, Mitigations, and Defense Strategies Read More »

China-linked Murky Panda targets and moves laterally through cloud services

APT, China, Cloud, CrowdStrike, cyber espionage, Don't miss, Hot stuff, News /

China-linked Murky Panda targets and moves laterally through cloud services 2025-08-22 at 17:33 By Zeljka Zorz In its recently released 2025 Threat Hunting Report, Crowdstrike pointed out an interesting trend: a 136% surge in cloud intrusions. A good chunk of this surge is due to “China-nexus adversaries”, Murky Panda (aka Silk Typhoon) among them. Murky

React to this headline:

Loading spinner

China-linked Murky Panda targets and moves laterally through cloud services Read More »

Five ways OSINT helps financial institutions to fight money laundering

Blackdot Solutions, cybersecurity, Don't miss, Expert analysis, Expert corner, financial industry, Hot stuff, News, opinion, OSINT, strategy, tips /

Five ways OSINT helps financial institutions to fight money laundering 2025-08-22 at 09:31 By Help Net Security Here are five key ways OSINT tools can help financial firms develop advanced strategies to fight money laundering criminals. 1. Reveal complex networks and ownership structures Money launderers often use layered networks of offshore entities and shell companies

React to this headline:

Loading spinner

Five ways OSINT helps financial institutions to fight money laundering Read More »

Russian threat actors using old Cisco bug to target critical infrastructure orgs

Cisco, critical infrastructure, cyber espionage, Don't miss, FBI, Hot stuff, News, Russian Federation, USA, vulnerability /

Russian threat actors using old Cisco bug to target critical infrastructure orgs 2025-08-21 at 18:07 By Zeljka Zorz A threat group linked to the Russian Federal Security Service’s (FSB) Center 16 unit has been compromising unpatched and end-of-life Cisco networking devices via an old vulnerability (CVE-2018-0171), the FBI and Cisco warned on Wednesday. “Primary targets

React to this headline:

Loading spinner

Russian threat actors using old Cisco bug to target critical infrastructure orgs Read More »

Scroll to Top