FBI Warns of Scattered Spider’s Expanding Attacks on Airlines Using Social Engineering The Hacker [email protected] (The Hacker News)
June 28, 2025

The U.S. Federal Bureau of Investigation (FBI) has revealed that it has observed the notorious cybercrime group Scattered Spider broadening its targeting footprint to strike the airline sector. To that end, …


GIFTEDCROOK Malware Evolves: From Browser Stealer to Intelligence-Gathering Tool The Hacker [email protected] (The Hacker News)
June 28, 2025

The threat actor behind the GIFTEDCROOK malware has made significant updates to turn the malicious program from a basic browser data stealer to a potent intelligence-gathering tool. "Recent campaigns in June …


Facebook’s New AI Tool Asks to Upload Your Photos for Story Ideas, Sparking Privacy Concerns The Hacker [email protected] (The Hacker News)
June 28, 2025

Facebook, the social network platform owned by Meta, is asking for users to upload pictures from their phones to suggest collages, recaps, and other ideas using artificial intelligence (AI), including …


Top Apple, Google VPN Apps May Help China Spy on Users darkreadingNate Nelson, Contributing Writer
June 27, 2025

Apple and Google espouse strong values about data privacy, but they allow programs from a Big Brother state to thrive on their app stores, researchers allege. Apple and Google espouse strong …


‘CitrixBleed 2’ Shows Signs of Active Exploitation darkreadingKristina Beek, Associate Editor, Dark Reading
June 27, 2025

If exploited, the critical vulnerability allows attackers to maintain access for longer periods of time than the original CitrixBleed flaw, all while remaining undetected. If exploited, the critical vulnerability allows attackers …


Scattered Spider Taps CFO Credentials in ‘Scorched Earth’ Attack darkreadingRob Wright
June 27, 2025

In a recent intrusion, the notorious cybercriminal collective accessed CyberArk vaults and obtained more 1,400 secrets, subverted Azure, VMware, and Snowflake environments, and for the first known time, actively fought …


Over 1,000 SOHO Devices Hacked in China-linked LapDogs Cyber Espionage Campaign The Hacker [email protected] (The Hacker News)
June 27, 2025

Threat hunters have discovered a network of more than 1,000 compromised small office and home office (SOHO) devices that have been used to facilitate a prolonged cyber espionage infrastructure campaign …


Hackers Make Hay? Smart Tractors Vulnerable to Full Takeover darkreadingNate Nelson, Contributing Writer
June 27, 2025

Hackers can spy on tens of thousands of connected tractors in the latest IoT threat, and brick them too, thanks to poor security in an aftermarket steering system. Hackers can spy …


Vulnerability Debt: How Do You Put a Price on What to Fix? darkreadingMatt Middleton-Leal
June 27, 2025

Putting a vulnerability debt figure together involves work, but having vulnerability debt figures lets you measure real-world values against your overall security posture. Putting a vulnerability debt figure together involves work, …


PUBLOAD and Pubshell Malware Used in Mustang Panda’s Tibet-Specific Attack The Hacker [email protected] (The Hacker News)
June 27, 2025

A China-linked threat actor known as Mustang Panda has been attributed to a new cyber espionage campaign directed against the Tibetan community. The spear-phishing attacks leveraged topics related to Tibet, such …