LummaC2 Fractures as Acreed Malware Becomes Top Dog darkreadingKristina Beek, Associate Editor, Dark Reading
June 3, 2025

LummaC2 formerly accounted for almost 92% of Russian Market's credential theft log alerts. Now, the Acreed infostealer has replaced its market share. LummaC2 formerly accounted for almost 92% of Russian Market's …


Fake DocuSign, Gitcode Sites Spread NetSupport RAT via Multi-Stage PowerShell Attack The Hacker [email protected] (The Hacker News)
June 3, 2025

Threat hunters are alerting to a new campaign that employs deceptive websites to trick unsuspecting users into executing malicious PowerShell scripts on their machines and infect them with the NetSupport …


vBulletin Exploits (CVE-2025-48827, CVE-2025-48828), (Tue, Jun 3rd) SANS Internet Storm Center, InfoCON: green
June 3, 2025

Last week, Ryan Dewhurst disclosed an interesting and easily exploitable vulnerability in vBulltin. These days, bulletin boards are not quite as popular as they used to be, but they are …


Is Your CISO Navigating Your Flight Path? darkreadingRichard Marcus
June 3, 2025

If your CISO isn't wielding influence with the CEO and helping top leaders clearly see the flight path ahead, your company is dangerously exposed. If your CISO isn't wielding influence with …


Critical 10-Year-Old Roundcube Webmail Bug Allows Authenticated Users Run Malicious Code The Hacker [email protected] (The Hacker News)
June 3, 2025

Cybersecurity researchers have disclosed details of a critical security flaw in the Roundcube webmail software that has gone unnoticed for a decade and could be exploited to take over susceptible …


CISA Adds Three Known Exploited Vulnerabilities to Catalog AlertsCISA
June 3, 2025

CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2025-21479 Qualcomm Multiple Chipsets Incorrect Authorization Vulnerability CVE-2025-21480 Qualcomm Multiple Chipsets Incorrect Authorization Vulnerability CVE-2025-27038 …


CISA Releases Three Industrial Control Systems Advisories AlertsCISA
June 3, 2025

CISA released three Industrial Control Systems (ICS) advisories on June 3, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-153-01 Schneider Electric Wiser Home …


Scattered Spider: Understanding Help Desk Scams and How to Defend Your Organization The Hacker [email protected] (The Hacker News)
June 3, 2025

In the wake of high-profile attacks on UK retailers Marks & Spencer and Co-op, Scattered Spider has been all over the media, with coverage spilling over into the mainstream news …


Android Trojan Crocodilus Now Active in 8 Countries, Targeting Banks and Crypto Wallets The Hacker [email protected] (The Hacker News)
June 3, 2025

A growing number of malicious campaigns have leveraged a recently discovered Android banking trojan called Crocodilus to target users in Europe and South America. The malware, according to a new report …


Google Chrome to Distrust Two Certificate Authorities Over Compliance and Conduct Issues The Hacker [email protected] (The Hacker News)
June 3, 2025

Google has revealed that it will no longer trust digital certificates issued by Chunghwa Telecom and Netlock citing "patterns of concerning behavior observed over the past year." The changes are expected …