Cybercriminals Target AI Users with Malware-Loaded Installers Posing as Popular Tools The Hacker [email protected] (The Hacker News)
May 29, 2025

Fake installers for popular artificial intelligence (AI) tools like OpenAI ChatGPT and InVideo AI are being used as lures to propagate various threats, such as the CyberLock and Lucky_Gh0$t ransomware …


A Defense-in-Depth Approach for the Modern Era darkreadingMicah Bartell
May 29, 2025

By integrating intelligent network policies, zero-trust principles, and AI-driven insights, enterprises can create a robust defense against the next generation of cyber threats. By integrating intelligent network policies, zero-trust principles, and …


New Windows RAT Evades Detection for Weeks Using Corrupted DOS and PE Headers The Hacker [email protected] (The Hacker News)
May 29, 2025

Cybersecurity researchers have taken the wraps off an unusual cyber attack that leveraged malware with corrupted DOS and PE headers, according to new findings from Fortinet. The DOS (Disk Operating System) …


CISA Releases Five Industrial Control Systems Advisories AlertsCISA
May 29, 2025

CISA released five Industrial Control Systems (ICS) advisories on May 29, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-148-01 Siemens SiPass ICSA-25-148-02 Siemens SiPass …


DragonForce Exploits SimpleHelp Flaws to Deploy Ransomware Across Customer Endpoints The Hacker [email protected] (The Hacker News)
May 29, 2025

The threat actors behind the DragonForce ransomware gained access to an unnamed Managed Service Provider's (MSP) SimpleHelp remote monitoring and management (RMM) tool, and then leveraged it to exfiltrate data …


‘Haozi’ Gang Sells Turnkey Phishing Tools to Amateurs darkreadingAlexander Culafi, Senior News Writer, Dark Reading
May 29, 2025

The phishing operation is using Telegram groups to sell a phishing-as-a-service kit with customer service, a mascot, and infrastructure that requires little technical knowledge to install. The phishing operation is using …


Chinese APT41 Exploits Google Calendar for Malware Command-and-Control Operations The Hacker [email protected] (The Hacker News)
May 28, 2025

Google on Wednesday disclosed that the Chinese state-sponsored threat actor known as APT41 leveraged a malware called TOUGHPROGRESS that uses Google Calendar for command-and-control (C2). The tech giant, which discovered the …


Over 100,000 WordPress Sites at Risk from Critical CVSS 10.0 Vulnerability in Wishlist Plugin The Hacker [email protected] (The Hacker News)
May 28, 2025

Cybersecurity researchers have disclosed a critical unpatched security flaw impacting TI WooCommerce Wishlist plugin for WordPress that could be exploited by unauthenticated attackers to upload arbitrary files. TI WooCommerce Wishlist, which …


ISC Stormcast For Thursday, May 29th, 2025 https://isc.sans.edu/podcastdetail/9470, (Thu, May 29th) SANS Internet Storm Center, InfoCON: green
May 28, 2025

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License. (c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.  ​Read More


Certified Randomness Uses Quantum Cryptography to Make Stronger Keys darkreadingAgam Shah
May 28, 2025

Researchers are using quantum computers to generate keys that are truly random to strengthen data encryption. Researchers are using quantum computers to generate keys that are truly random to strengthen data …