Social engineering attacks have entered a new era—and they’re coming fast, smart, and deeply personalized. It’s no longer just suspicious emails in your spam folder. Today’s attackers use generative AI, stolen branding assets, and deepfake tools to mimic your executives, hijack your social channels, and create convincing fakes of your website, emails, and even voice. They don’t just spoof—they

Google on Tuesday rolled out fixes for six security issues in its Chrome web browser, including one that it said has been exploited in the wild. The high-severity vulnerability in question is CVE-2025-6558 (CVSS score: 8.8), which has been described as an incorrect validation of untrusted input in the browser's ANGLE and GPU components. "Insufficient validation of untrusted input in ANGLE and

Cybersecurity researchers have discovered a new, sophisticated variant of a known Android malware referred to as Konfety that leverages the evil twin technique to enable ad fraud. The sneaky approach essentially involves a scenario wherein two variants of an application share the same package name: A benign "decoy" app that's hosted on the Google Play Store and its evil twin, which is

Google on Tuesday revealed that its large language model (LLM)-assisted vulnerability discovery framework discovered a security flaw in the SQLite open-source database engine before it could have been exploited in the wild. The vulnerability, tracked as CVE-2025-6965 (CVSS score: 7.2), is a memory corruption flaw affecting all versions prior to 3.50.2. It was discovered by Big Sleep, an

Le 15 juillet 2025, de nombreux utilisateurs de WeTransfer se sont inquiétés d’une nouvelle clause dans les conditions générales d’utilisation (CGU) du service. Censée entrer en vigueur le 8 août 2025, la clause 6.3 semblait accorder à WeTransfer des droits très larges sur les fichiers transférés, notamment leur exploitation pour entraîner des modèles d’intelligence artificielle. L'entreprise néerlandaise a depuis modifié le texte et parle de confusion.

Cloudflare on Tuesday said it mitigated 7.3 million distributed denial-of-service (DDoS) attacks in the second quarter of 2025, a significant drop from 20.5 million DDoS attacks it fended off the previous quarter. "Overall, in Q2 2025, hyper-volumetric DDoS attacks skyrocketed," Omer Yoachimik and Jorge Pacheco said. "Cloudflare blocked over 6,500 hyper-volumetric DDoS attacks, an average of 71

Cybersecurity researchers have shed light on a new ransomware-as-a-service (RaaS) operation called GLOBAL GROUP that has targeted a wide range of sectors in Australia, Brazil, Europe, and the United States since its emergence in early June 2025. GLOBAL GROUP was "promoted on the Ramp4u forum by the threat actor known as '$$$,'" EclecticIQ researcher Arda Büyükkaya said. "The same actor controls

OpenAI's image gen model, which is available via ChatGPT for free, now lets you easily create AI images even if you're not familiar with trends or prompt engineering. [...]

Abacus Market, the largest Western darknet marketplace supporting Bitcoin payments, has shut down its public infrastructure in a move suspected to be an exit scam. [...]

Microsoft has released an emergency update to fix a bug that prevents Azure virtual machines from launching when the Trusted Launch setting is disabled and Virtualization-Based Security (VBS) is enabled. [...]

North Korean threat actors planted 67 malicious packages in the Node Package Manager (npm) online repository to deliver a new malware loader called XORIndex to developer systems. [...]

An international law enforcement action dismantled a Romanian ransomware gang known as 'Diskstation,' which encrypted the systems of several companies in the Lombardy region, paralyzing their businesses. [...]

Kingston Digital Europe Co LLP, filiale chargée des mémoires Flash de Kingston Technology Company, Inc., leader mondial des produits mémoire et des solutions technologiques, annonce aujourd’hui que sa clé USB à chiffrement matériel Kingston IronKey™ D500S a reçu la validation NIST FIPS 140-3 niveau 3. Communiqué – Conçue et assemblée par Kingston en Californie, la D500S est la […]

The post La Kingston IronKey D500S est la première et unique clé USB au monde conforme à la norme TAA first appeared on UnderNews.

Zimperium, leader mondial de la sécurité mobile, a annoncé la découverte d’une nouvelle variante particulièrement furtive du malware Konfety visant spécifiquement les appareils Android. Identifiée par zLabs, l’équipe de recherche de Zimperium, cette dernière version utilise des techniques avancées d’obfuscation et d’évasion au niveau des fichiers ZIP, la rendant bien plus difficile à détecter et […]

The post Zimperium découvre une variante sophistiquée du malware Konfety ciblant les appareils Android first appeared on UnderNews.

Governmental organizations in Southeast Asia are the target of a new campaign that aims to collect sensitive information by means of a previously undocumented Windows backdoor dubbed HazyBeacon. The activity is being tracked by Palo Alto Networks Unit 42 under the moniker CL-STA-1020, where "CL" stands for "cluster" and "STA" refers to "state-backed motivation." "The threat actors behind this

AI agents promise to automate everything from financial reconciliations to incident response. Yet every time an AI agent spins up a workflow, it has to authenticate somewhere; often with a high-privilege API key, OAuth token, or service account that defenders can’t easily see. These “invisible” non-human identities (NHIs) now outnumber human accounts in most cloud environments, and they have

Cybersecurity researchers have charted the evolution of a widely used remote access trojan called AsyncRAT, which was first released on GitHub in January 2019 and has since served as the foundation for several other variants. "AsyncRAT has cemented its place as a cornerstone of modern malware and as a pervasive threat that has evolved into a sprawling network of forks and variants," ESET

A new variant of the Konfety Android malware emerged with a malformed ZIP structure along with other obfuscation methods that allow it to evade analysis and detection. [...]

OpenAI is following Perplexity and is working on its own AI-powered browser codenamed "Aura." [...]