In The News

U.S. Govt. Funding for MITRE’s CVE Ends April 16, Cybersecurity Community on Alert The Hacker [email protected] (The Hacker News)
April 15, 2025

The U.S. government funding for non-profit research giant MITRE to operate and maintain its Common Vulnerabilities and Exposures (CVE) program will expire Wednesday, an unprecedented development that could shake up …


Funding Expires for Key Cyber Vulnerability Database Krebs on SecurityBrianKrebs
April 15, 2025

A critical resource that cybersecurity professionals worldwide rely on to identify, mitigate and fix security vulnerabilities in software and hardware is in danger of breaking down. The federally funded, non-profit …


ISC Stormcast For Wednesday, April 16th, 2025 https://isc.sans.edu/podcastdetail/9410, (Wed, Apr 16th) SANS Internet Storm Center, InfoCON: green
April 15, 2025

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License. (c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.  ​Read More


Accounting Firms Can’t Skimp on Cybersecurity darkreading
April 15, 2025

Cybercriminals capitalize on tax preparation stress, technology sprawl, and lax communications. Accounting teams can't afford to treat cybersecurity as an afterthought. Cybercriminals capitalize on tax preparation stress, technology sprawl, and lax …


Max Severity Bug in Apache Roller Enabled Persistent Access darkreadingJai Vijayan, Contributing Writer
April 15, 2025

The remediated flaw gave adversaries a way to maintain access to the app through password resets. The remediated flaw gave adversaries a way to maintain access to the app through password …


With AI’s Help, Bad Bots Are Taking Over the Web darkreadingKristina Beek, Associate Editor, Dark Reading
April 15, 2025

Bad bots are becoming increasingly difficult to detect as they more easily mimic human behaviors and utilize evasion techniques, researchers say. Bad bots are becoming increasingly difficult to detect as they …


AI-Powered Presentation Tool Leveraged in Phishing Attacks darkreadingAlexander Culafi, Senior News Writer, Dark Reading
April 15, 2025

Researchers at Abnormal Security said threat actors are using a legitimate presentation and graphic design tool named "Gamma" in phishing attacks. Researchers at Abnormal Security said threat actors are using a …


Hertz Falls Victim to Cleo Zero-Day Attacks darkreadingKristina Beek, Associate Editor, Dark Reading
April 15, 2025

Customer data such as birth dates, credit card numbers and driver's license information were stolen when threat actors exploited zero-day vulnerabilities in Cleo-managed file transfer products. Customer data such as birth …


Wave of Wine-Inspired Phishing Attacks Targets EU Diplomats darkreadingElizabeth Montalbano, Contributing Writer
April 15, 2025

Russia-backed APT29's latest campaign once again uses malicious invites to wine-tasting events as its lure, but this time targets a different set of vintages — errr, victims — and delivers …


Chinese Hackers Target Linux Systems Using SNOWLIGHT Malware and VShell Tool The Hacker [email protected] (The Hacker News)
April 15, 2025

The China-linked threat actor known as UNC5174 has been attributed to a new campaign that leverages a variant of a known malware dubbed SNOWLIGHT and a new open-source tool called …