Latest IntelligencePage 75
Search by keyword →
Iranian-Nexus Operation Targets Oman Ministries With Webshells, SQL Escalation, and Data Theft
A sophisticated cyber operation linked to an Iranian-nexus threat actor has quietly worked through at least 12 Omani government ministries, stealing tens of tho...
Herd Security Raises $3 Million for AI-Powered Training Platform
The startup will invest in expanding its training categories, optimizing video generation, and growing its partnership ecosystem. The post Herd Security Raises ...
MuddyWater hackers use Chaos ransomware as a decoy in attacks
The MuddyWater Iranian hackers disguised their operations as a Chaos ransomware attack, relying on Microsoft Teams social engineering to gain access and establ...
Iranian APT Intrusion Masquerades as Chaos Ransomware Attack
Likely perpetrated by MuddyWater, the attack combined social engineering, persistence, credential harvesting, and data theft. The post Iranian APT Intrusion Mas...
Webinar: Why network incidents escalate and how to fix response gaps
Most network incidents don't escalate due to a lack of alerts; they escalate when response breaks down. This webinar explores how to fix gaps in triage, enrichm...
Remus Infostealer Uses Lumma-Style Browser Key Theft and Application-Bound Encryption Bypass
A dangerous new piece of malware called Remus has surfaced, quietly picking up where one of the most feared information stealers left off. Designed to steal bro...
From Stuxnet to ChatGPT: 20 News Events That Shaped Cyber
As part of its 20th anniversary celebration, Dark Reading looks back on 20 of the biggest newmaking events from the past two decades that influenced the risk la...
Romanian Extradited to US for Role in Hacking Scheme 17 Years Ago
Gavril Sandu, 53, was indicted in 2017, but was arrested and extradited to the United States only in 2026. The post Romanian Extradited to US for Role in Hackin...
Romanian Man Extradited to US for Role in Hacking Scheme 17 Years Ago
Gavril Sandu, 53, was indicted in 2017, but was arrested and extradited to the United States only in 2026. The post Romanian Man Extradited to US for Role in Ha...
Zero-Auth Flaw Exposes DoD Contractor to Cross-Tenant Data Access
A severe zero-authorization vulnerability in Schemata’s API, an AI-powered virtual training platform holding active Department of Defense (DoD) contracts,...
WhatsApp warns of Instagram Reels bug that could load risky content
Meta has released security updates for WhatsApp addressing two vulnerabilities that could have exposed users to malicious files or attacker-controlled content o...
Attacks Abuse Windows Phone Link to Steal Texts & Bypass 2FA
In hard-to-detect attacks, hackers are dropping the CloudZ RAT and a fresh plugin, Pheno, to hijack the Windows-based bridge between PCs and smartphones....
CISA: Critical Infrastructure Must Master Isolation, Recovery
The agency has issued guidance to help critical infrastructure operators prepare for cyberattacks by foreign threat actors. The post CISA: Critical Infrastructu...
CISA Launches ‘CI Fortify’ to Prepare Critical Infrastructure for Geopolitical Cyber Conflict
Agency issued guidance and calls on operators to build resilient OT environments capable of surviving extended isolation and cyber compromise. The post CISA Lau...
Vimeo Data Breach Exposes 119,000 Users Unique Email Addresses
In a significant supply chain security incident, the popular video hosting platform Vimeo has confirmed a data breach that exposed user information. Discovered ...
Sophisticated Quasar Linux RAT Targets Software Developers
The persistent, evasive implant provides remote access, surveillance, and credential exfiltration capabilities. The post Sophisticated Quasar Linux RAT Targets ...
Palo Alto Networks warns of firewall RCE zero-day exploited in attacks
Palo Alto Networks warned customers today that a critical-severity unpatched vulnerability in the PAN-OS User-ID Authentication Portal is being exploited in att...
Government, Scientific Entities Hit via Daemon Tools Supply Chain Attack
While trojanized Daemon Tools versions were installed worldwide, a sophisticated backdoor was dropped only on a dozen systems. The post Government, Scientific E...
Azure AD Conditional Access Bypassed Via Phantom Device Registration and PRT Abuse
Cloud identity security relies heavily on Microsoft Entra ID (formerly Azure AD) Conditional Access. It acts as the primary digital gatekeeper, checking user lo...
Oracle Debuts Monthly Critical Security Patch Updates
Containing fixes for critical-severity vulnerabilities, the monthly rollouts will focus on addressing priority issues faster. The post Oracle Debuts Monthly Cri...