ScarCruft Uses RokRAT Malware in Operation HanKook Phantom Targeting South Korean Academics The Hacker [email protected] (The Hacker News)
September 1, 2025

Cybersecurity researchers have discovered a new phishing campaign undertaken by the North Korea-linked hacking group called ScarCruft (aka APT37) to deliver a malware known as RokRAT. The activity has been codenamed …


pdf-parser: All Streams, (Sun, Aug 31st) SANS Internet Storm Center, InfoCON: green
August 31, 2025

A user reported a bug in pdf-parser: when dumping all filtered streams, an error would occur:  A user reported a bug in pdf-parser: when dumping all filtered streams, an error would …


Wireshark 4.4.9 Released, (Sun, Aug 31st) SANS Internet Storm Center, InfoCON: green
August 31, 2025

Wireshark release 4.4.9 fixes 5 bugs.  Wireshark release 4.4.9 fixes 5 bugs. Didier Stevens Senior handler blog.DidierStevens.com   (c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.  ​Read More


Attackers Abuse Velociraptor Forensic Tool to Deploy Visual Studio Code for C2 Tunneling The Hacker [email protected] (The Hacker News)
August 30, 2025

Cybersecurity researchers have called attention to a cyber attack in which unknown threat actors deployed an open-source endpoint monitoring and digital forensic tool called Velociraptor, illustrating ongoing abuse of legitimate …


WhatsApp Issues Emergency Update for Zero-Click Exploit Targeting iOS and macOS Devices The Hacker [email protected] (The Hacker News)
August 29, 2025

WhatsApp has addressed a security vulnerability in its messaging apps for Apple iOS and macOS that it said may have been exploited in the wild in conjunction with a recently …


Researchers Warn of Sitecore Exploit Chain Linking Cache Poisoning and Remote Code Execution The Hacker [email protected] (The Hacker News)
August 29, 2025

Three new security vulnerabilities have been disclosed in the Sitecore Experience Platform that could be exploited to achieve information disclosure and remote code execution.  The flaws, per watchTowr Labs, are listed …


An Audit Isn’t a Speed Bump — It’s Your Cloud Co-Pilot darkreadingRavi Sharma
August 29, 2025

Auditing must be seen for what it truly can be: a multiplier of trust, not a bottleneck of progress. Auditing must be seen for what it truly can be: a multiplier …


Amazon Disrupts APT29 Watering Hole Campaign Abusing Microsoft Device Code Authentication The Hacker [email protected] (The Hacker News)
August 29, 2025

Amazon on Friday said it flagged and disrupted what it described as an opportunistic watering hole campaign orchestrated by the Russia-linked APT29 actors as part of their intelligence gathering efforts. The …


Abandoned Sogou Zhuyin Update Server Hijacked, Weaponized in Taiwan Espionage Campaign The Hacker [email protected] (The Hacker News)
August 29, 2025

An abandoned update server associated with input method editor (IME) software Sogou Zhuyin was leveraged by threat actors as part of an espionage campaign to deliver several malware families, including …


Proof-of-Concept in 15 Minutes? AI Turbocharges Exploitation darkreadingRobert Lemos, Contributing Writer
August 29, 2025

Generating exploits with AI and large language models shrinks the time to target software flaws, giving security teams scant time to patch. Can enterprises adapt? Generating exploits with AI and large …