Skip to content
cyber updates Page 5

cyber updates

How to Automate CVE and Vulnerability Advisory Response with Tines

How to Automate CVE and Vulnerability Advisory Response with Tines

May 02, 2025The Hacker NewsVulnerability Management / Security Operations Run by the team at workflow orchestration and AI platform Tines, the Tines library features pre-built workflows shared by security practitioners from across the community –… 

MintsLoader Drops GhostWeaver via Phishing, ClickFix — Uses DGA, TLS for Stealth Attacks

MintsLoader Drops GhostWeaver via Phishing, ClickFix — Uses DGA, TLS for Stealth Attacks

May 02, 2025Ravie LakshmananMalware / Threat Intelligence The malware loader known as MintsLoader has been used to deliver a PowerShell-based remote access trojan called GhostWeaver. “MintsLoader operates through a multi-stage infection chain involving obfuscated JavaScript… 

Microsoft Sets Passkeys Default for New Accounts; 15 Billion Users Gain Passwordless Support

Microsoft Sets Passkeys Default for New Accounts; 15 Billion Users Gain Passwordless Support

May 02, 2025Ravie LakshmananPassword Security / Windows A year after Microsoft announced passkeys support for consumer accounts, the tech giant has announced a big change that pushes individuals signing up for new accounts to use… 

Fake Security Plugin on WordPress Enables Remote Admin Access for Attackers

Fake Security Plugin on WordPress Enables Remote Admin Access for Attackers

May 01, 2025Ravie LakshmananMalware / Web Skimming Cybersecurity researchers have shed light on a new campaign targeting WordPress sites that disguises the malware as a security plugin. The plugin, which goes by the name “WP-antymalwary-bot.php,”… 

Why top SOC teams are shifting to Network Detection and Response

Why top SOC teams are shifting to Network Detection and Response

Security Operations Center (SOC) teams are facing a fundamentally new challenge — traditional cybersecurity tools are failing to detect advanced adversaries who have become experts at evading endpoint-based defenses and signature-based detection systems. The reality… 

Claude AI Exploited to Operate 100+ Fake Political Personas in Global Influence Campaign

Claude AI Exploited to Operate 100+ Fake Political Personas in Global Influence Campaign

May 01, 2025Ravie LakshmananArtificial Intelligence / Disinformation Artificial intelligence (AI) company Anthropic has revealed that unknown threat actors leveraged its Claude chatbot for an “influence-as-a-service” operation to engage with authentic accounts across Facebook and X.… 

DarkWatchman, Sheriff Malware Hit Russia and Ukraine with Stealth and Nation-Grade Tactics

DarkWatchman, Sheriff Malware Hit Russia and Ukraine with Stealth and Nation-Grade Tactics

Russian companies have been targeted as part of a large-scale phishing campaign that’s designed to deliver a known malware called DarkWatchman. Targets of the attacks include entities in the media, tourism, finance and insurance, manufacturing,… 

Commvault Confirms Hackers Exploited CVE-2025-3928 as Zero-Day in Azure Breach

Commvault Confirms Hackers Exploited CVE-2025-3928 as Zero-Day in Azure Breach

May 01, 2025Ravie LakshmananZero-Day / Threat Intelligence Enterprise data backup platform Commvault has revealed that an unknown nation-state threat actor breached its Microsoft Azure environment by exploiting CVE-2025-3928 but emphasized there is no evidence of… 

SonicWall Confirms Active Exploitation of Flaws Affecting Multiple Appliance Models

SonicWall Confirms Active Exploitation of Flaws Affecting Multiple Appliance Models

May 01, 2025Ravie LakshmananVulnerability / VPN Security SonicWall has revealed that two now-patched security flaws impacting its SMA100 Secure Mobile Access (SMA) appliances have been exploited in the wild. The vulnerabilities in question are listed…