Popular Chrome Extensions Leak API Keys, User Data via HTTP and Hardcoded Credentials The Hacker [email protected] (The Hacker News)
June 5, 2025

Cybersecurity researchers have flagged several popular Google Chrome extensions that have been found to transmit data in HTTP and hard-code secrets in their code, exposing users to privacy and security …


Questions Swirl Around ConnectWise Flaw Used in Attacks darkreadingRob Wright
June 5, 2025

ConnectWise issued a patch to stave off attacks on ScreenConnect customers, but the company's disclosures don't explain what the vulnerability is and when it was first exploited. ConnectWise issued a patch …


Finding Balance in US AI Regulation darkreadingJohn Hurley
June 5, 2025

The US can't afford to wait for political consensus to catch up to technological change. The US can't afford to wait for political consensus to catch up to technological change.  ​Read More


Researchers Detail Bitter APT’s Evolving Tactics as Its Geographic Scope Expands The Hacker [email protected] (The Hacker News)
June 5, 2025

The threat actor known as Bitter has been assessed to be a state-backed hacking group that's tasked with gathering intelligence that aligns with the interests of the Indian government. That's according …


CISA Adds One Known Exploited Vulnerability to Catalog AlertsCISA
June 5, 2025

 CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation.  CVE-2025-5419 Google Chromium V8 Out-of-Bounds Read and Write Vulnerability  This type of vulnerability is …


CISA Releases Seven Industrial Control Systems Advisories AlertsCISA
June 5, 2025

CISA released seven Industrial Control Systems (ICS) advisories on June 5, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-155-01 CyberData 011209 SIP Emergency …


Redefining Cyber Value: Why Business Impact Should Lead the Security Conversation The Hacker [email protected] (The Hacker News)
June 5, 2025

Security teams face growing demands with more tools, more data, and higher expectations than ever. Boards approve large security budgets, yet still ask the same question: what is the business …


Iran-Linked BladedFeline Hits Iraqi and Kurdish Targets with Whisper and Spearal Malware The Hacker [email protected] (The Hacker News)
June 5, 2025

An Iran-aligned hacking group has been attributed to a new set of cyber attacks targeting Kurdish and Iraqi government officials in early 2024. The activity is tied to a threat group …


DoJ Seizes 145 Domains Tied to BidenCash Carding Marketplace in Global Takedown The Hacker [email protected] (The Hacker News)
June 5, 2025

The U.S. Department of Justice (DoJ) on Wednesday announced the seizure of cryptocurrency funds and about 145 clearnet and dark web domains associated with an illicit carding marketplace called BidenCash. "The …


Iranian APT ‘BladedFeline’ Hides in Network for 8 Years darkreadingAlexander Culafi, Senior News Writer, Dark Reading
June 5, 2025

ESET published research on the Iranian APT "BladedFeline," which researchers believe is a subgroup of the cyber-espionage entity APT34. ESET published research on the Iranian APT "BladedFeline," which researchers believe is …