Behind every security alert is a bigger story. Sometimes it’s a system being tested. Sometimes it’s trust being lost in quiet ways—through delays, odd behavior, or subtle gaps in control. This week, we’re looking beyond the surface to spot what really matters. Whether it’s poor design, hidden access, or silentRead More »⚡ Weekly Recap: Chrome 0-Day, Data Wipers, Misused Tools and Zero-Click iPhone Attacks
You don’t need a rogue employee to suffer a breach. All it takes is a free trial that someone forgot to cancel. An AI-powered note-taker quietly syncing with your Google Drive. A personal Gmail account tied to a business-critical tool. That’s shadow IT. And today, it’s not just about unsanctionedRead More »Think Your IdP or CASB Covers Shadow IT? These 5 Risks Prove Otherwise
Researchers have discovered a new way to covertly track Android users. Both Meta and Yandex were using it, but have suddenly stopped now that they have been caught. The details are interesting, and worth reading in detail: >Tracking code that Meta and Russia-based Yandex embed into millions of websites isRead More »New Way to Track Covertly Android Users
The US is seeking the forfeiture of $7.74 million in cryptocurrency in frozen wallets tied to North Korean fake IT workers schemes. The post US Seeks Forfeiture of $7.74M in Cryptocurrency Tied to North Korean IT Workers appeared first on SecurityWeek.
Introduction Librarian Ghouls, also known as “Rare Werewolf” and “Rezet”, is an APT group that targets entities in Russia and the CIS. Other security vendors are also monitoring this APT and releasing analyses of its campaigns. The group has remained active through May 2025, consistently targeting Russian companies. A distinctiveRead More »Sleep with one eye open: how Librarian Ghouls steal data by night
Kingsley Uchelue Utulu has been sentenced to more than 5 years in prison for his role in a scheme that involved hacking, fraud and identity theft. The post Nigerian Involved in Hacking US Tax Preparation Firms Sentenced to Prison appeared first on SecurityWeek.
President Trump says his new cybersecurity executive order amends problematic elements of Biden- and Obama-era executive orders. The post Trump Cybersecurity Executive Order Targets Digital Identity, Sanctions Policies appeared first on SecurityWeek.
OpenAI has revealed that it banned a set of ChatGPT accounts that were likely operated by Russian-speaking threat actors and two Chinese nation-state hacking groups to assist with malware development, social media automation, and research about U.S. satellite communications technologies, among other things. “The [Russian-speaking] actor used our models toRead More »OpenAI Bans ChatGPT Accounts Used by Russian, Iranian, and Chinese Hacker Groups
Cybersecurity researchers have flagged a supply chain attack targeting over a dozen packages associated with GlueStack to deliver malware. The malware, introduced via a change to “lib/commonjs/index.js,” allows an attacker to run shell commands, take screenshots, and upload files to infected machines, Aikido Security told The Hacker News, stating theseRead More »New Supply Chain Malware Operation Hits npm and PyPI Ecosystems, Targeting Millions Globally
Cybersecurity researchers have shed light on a new campaign targeting Brazilian users since the start of 2025 to infect users with a malicious extension for Chromium-based web browsers and siphon user authentication data. “Some of the phishing emails were sent from the servers of compromised companies, increasing the chances ofRead More »Malicious Browser Extensions Infect Over 700 Users Across Latin America Since Early 2025
