Trickbot, Conti Ransomware Operator Unmasked Amid Huge Ops Leak darkreadingAlexander Culafi, Senior News Writer, Dark Reading
June 2, 2025

An anonymous whistleblower has leaked large amounts of data tied to the alleged operator behind Trickbot and Conti ransomware. An anonymous whistleblower has leaked large amounts of data tied to the …


Cryptojacking Campaign Exploits DevOps APIs Using Off-the-Shelf Tools from GitHub The Hacker [email protected] (The Hacker News)
June 2, 2025

Cybersecurity researchers have discovered a new cryptojacking campaign that's targeting publicly accessible DevOps web servers such as those associated with Docker, Gitea, and HashiCorp Consul and Nomad to illicitly mine …


Australia Begins New Ransomware Payment Disclosure Rules darkreadingKristina Beek, Associate Editor, Dark Reading
June 2, 2025

The country will require certain organizations to report ransomware payments and communications within 72 hours after they're made or face potential civil penalties. The country will require certain organizations to report …


Critical Bugs Could Spark Takeover of Widely Used Fire Safety OT/ICS Platform darkreadingElizabeth Montalbano, Contributing Writer
June 2, 2025

The unpatched security vulnerabilities in Consilium Safety's CS5000 Fire Panel could create "serious safety issues" in environments where fire suppression and safety are paramount, according to a CISA advisory. The unpatched …


Preinstalled Apps on Ulefone, Krüger&Matz Phones Let Any App Reset Device, Steal PIN The Hacker [email protected] (The Hacker News)
June 2, 2025

Three security vulnerabilities have been disclosed in preloaded Android applications on smartphones from Ulefone and Krüger&Matz that could enable any app installed on the device to perform a factory reset …


Qualcomm Fixes 3 Zero-Days Used in Targeted Android Attacks via Adreno GPU The Hacker [email protected] (The Hacker News)
June 2, 2025

Qualcomm has shipped security updates to address three zero-day vulnerabilities that it said have been exploited in limited, targeted attacks in the wild. The flaws in question, which were responsibly disclosed …


Beyond the Broken Wall: Why the Security Perimeter Is Not Enough darkreadingTim Freestone
June 2, 2025

Organizations need to abandon perimeter-based security for data-centric protection strategies in today's distributed IT environments. Organizations need to abandon perimeter-based security for data-centric protection strategies in today's distributed IT environments.  ​Read More


In the AI Race With China, Don’t Forget About Security darkreadingAndrew Grotto
June 2, 2025

The US needs to establish a clear framework to provide reasonable guardrails to protect its interests — the quicker, the better. The US needs to establish a clear framework to provide …


CISA Adds Five Known Exploited Vulnerabilities to Catalog AlertsCISA
June 2, 2025

CISA added five new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2021-32030 ASUS Routers Improper Authentication Vulnerability CVE-2023-39780 ASUS RT-AX55 Routers OS Command Injection Vulnerability CVE-2024-56145 Craft CMS Code …


⚡ Weekly Recap: APT Intrusions, AI Malware, Zero-Click Exploits, Browser Hijacks and More The Hacker [email protected] (The Hacker News)
June 2, 2025

If this had been a security drill, someone would’ve said it went too far. But it wasn’t a drill—it was real. The access? Everything looked normal. The tools? Easy to …