In The News

Cybercriminals Deploy CORNFLAKE.V3 Backdoor via ClickFix Tactic and Fake CAPTCHA Pages The Hacker [email protected] (The Hacker News)
August 21, 2025

Threat actors have been observed leveraging the deceptive social engineering tactic known as ClickFix to deploy a versatile backdoor codenamed CORNFLAKE.V3. Google-owned Mandiant described the activity, which it tracks as UNC5518, …

Read More
No Comment

In The News


Tree of AST: A Bug-Hunting Framework Powered by LLMs darkreadingAlexander Culafi
August 21, 2025

Teenaged security researchers Sasha Zyuzin and Ruikai Peng discuss how their new vulnerability discovery framework leverages LLMs to address limitations of the past. Teenaged security researchers Sasha Zyuzin and Ruikai Peng …

Read More
No Comment

Prepping the Front Line for MFA Social Engineering Attacks darkreadingPaul Underwood
August 21, 2025

Attackers will continue to evolve, and the help desk will always be a target. But with the right mix of training, support, and trust, frontline agents can become your biggest …

Read More
No Comment

Tailing Hackers, Columbia University Uses Logging to Improve Security darkreadingMercedes Cardona
August 21, 2025

Logging netflows provided valuable insight about attacker tactics during a breach by state-sponsored hackers targeting Columbia's research labs. Logging netflows provided valuable insight about attacker tactics during a breach by state-sponsored …

Read More
No Comment

DARPA: Closing the Open Source Security Gap With AI darkreadingAlexander Culafi
August 21, 2025

DARPA's Kathleen Fisher discusses the AI Cyber Challenge at DEF CON 33, and the results that proved how automation can help patch vulnerabilities at scale. DARPA's Kathleen Fisher discusses the AI …

Read More
No Comment

CISA Releases Three Industrial Control Systems Advisories AlertsCISA
August 21, 2025

CISA released three Industrial Control Systems (ICS) advisories on August 21, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-233-01 Mitsubishi Electric Corporation MELSEC …

Read More
No Comment

CISA Adds One Known Exploited Vulnerability to Catalog AlertsCISA
August 21, 2025

CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation.  CVE-2025-43300 Apple iOS, iPadOS, and macOS Out-of-Bounds Write Vulnerability These types of vulnerabilities are …

Read More
No Comment

Hackers Using New QuirkyLoader Malware to Spread Agent Tesla, AsyncRAT and Snake Keylogger The Hacker [email protected] (The Hacker News)
August 21, 2025

Cybersecurity researchers have disclosed details of a new malware loader called QuirkyLoader that's being used to deliver via email spam campaigns an array of next-stage payloads ranging from information stealers …

Read More
No Comment

Weak Passwords and Compromised Accounts: Key Findings from the Blue Report 2025 The Hacker [email protected] (The Hacker News)
August 21, 2025

As security professionals, it's easy to get caught up in a race to counter the latest advanced adversary techniques. Yet the most impactful attacks often aren't from cutting-edge exploits, but …

Read More
No Comment

Scattered Spider Hacker Gets 10 Years, $13M Restitution for SIM Swapping Crypto Theft The Hacker [email protected] (The Hacker News)
August 20, 2025

A 20-year-old member of the notorious cybercrime gang known as Scattered Spider has been sentenced to ten years in prison in the U.S. in connection with a series of major …

Read More
No Comment