CTM360 Identifies Surge in Phishing Attacks Targeting Meta Business Users The Hacker [email protected] (The Hacker News)
May 14, 2025

A new global phishing threat called "Meta Mirage" has been uncovered, targeting businesses using Meta's Business Suite. This campaign specifically aims at hijacking high-value accounts, including those managing advertising and …


Congress Should Tackle Cyber Threats, Not Competition darkreadingGreg Guice
May 14, 2025

Some members of Congress seem more intent on grabbing headlines than actually working to make America more cyber secure. Some members of Congress seem more intent on grabbing headlines than actually …


Orca Security Gets AI-Powered Remediation From Opus Deal darkreadingJeffrey Schwartz
May 14, 2025

The acquisition will enhance Orca's CNAPP offering with autonomous vulnerability remediation and prevention technologies from Opus. The acquisition will enhance Orca's CNAPP offering with autonomous vulnerability remediation and prevention technologies from …


CISA Adds One Known Exploited Vulnerability to Catalog AlertsCISA
May 14, 2025

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2025-32756 Fortinet Multiple Products Stack-Based Buffer Overflow Vulnerability These types of vulnerabilities are frequent …


Patch Tuesday, May 2025 Edition Krebs on SecurityBrianKrebs
May 14, 2025

Microsoft on Tuesday released software updates to fix at least 70 vulnerabilities in Windows and related products, including five zero-day flaws that are already seeing active exploitation. Adding to the …


Earth Ammit Breached Drone Supply Chains via ERP in VENOM, TIDRONE Campaigns The Hacker [email protected] (The Hacker News)
May 14, 2025

A cyber espionage group known as Earth Ammit has been linked to two related but distinct campaigns from 2023 to 2024 targeting various entities in Taiwan and South Korea, including …


Learning How to Hack: Why Offensive Security Training Benefits Your Entire Security Team The Hacker [email protected] (The Hacker News)
May 14, 2025

Organizations across industries are experiencing significant escalations in cyberattacks, particularly targeting critical infrastructure providers and cloud-based enterprises. Verizon’s recently released 2025 Data Breach Investigations Report found an 18% YoY increase …


Horabot Malware Targets 6 Latin American Nations Using Invoice-Themed Phishing Emails The Hacker [email protected] (The Hacker News)
May 14, 2025

Cybersecurity researchers have discovered a new phishing campaign that's being used to distribute malware called Horabot targeting Windows users in Latin American countries like Mexico, Guatemala, Colombia, Peru, Chile, and …


Another day, another phishing campaign abusing google.com open redirects, (Wed, May 14th) SANS Internet Storm Center, InfoCON: green
May 14, 2025

A couple of weeks ago, I came across a phishing campaign that highlights a recurring issue with open redirect vulnerabilities in well-known and trusted services.  A couple of weeks ago, I …


Microsoft Fixes 78 Flaws, 5 Zero-Days Exploited; CVSS 10 Bug Impacts Azure DevOps Server The Hacker [email protected] (The Hacker News)
May 14, 2025

Microsoft on Tuesday shipped fixes to address a total of 78 security flaws across its software lineup, including a set of five zero-days that have come under active exploitation in …