Just like the 2000s Flip phones grew popular, Windows XP debuted on personal computers, Apple introduced the iPod, peer-to-peer file sharing via torrents was taking off, and MSN Messenger dominated online chat. That was the tech scene in 2001, the same year when Sir Dystic of Cult of the DeadRead More »Old tech, new vulnerabilities: NTLM abuse, ongoing exploitation in 2025
The cybersecurity startup plans to use the seed funding to accelerate product expansion and global growth. The post Opti Raises $20 Million for Identity Security Platform appeared first on SecurityWeek.
The threat actors behind a malware family known as RomCom targeted a U.S.-based civil engineering company via a JavaScript loader dubbed SocGholish to deliver the Mythic Agent. “This is the first time that a RomCom payload has been observed being distributed by SocGholish,” Arctic Wolf Labs researcher Jacob Faires saidRead More »RomCom Uses SocGholish Fake Update Attacks to Deliver Mythic Agent Malware
Dartmouth College has disclosed a data breach after cybercriminals leaked over 226 Gb of files stolen from the university. The post Dartmouth College Confirms Data Theft in Oracle Hack appeared first on SecurityWeek.
The U.S. Federal Bureau of Investigation (FBI) has warned that cybercriminals are impersonating financial institutions with an aim to steal money or sensitive information to facilitate account takeover (ATO) fraud schemes. The activity targets individuals, businesses, and organizations of varied sizes and across sectors, the agency said, adding the fraudulentRead More »FBI Reports $262M in ATO Fraud as Researchers Cite Growing AI Phishing and Holiday Scams
The attack on the engineering firm was identified by Arctic Wolf in September before it could disrupt the engineering company’s operations or spread further. The post Russian Hackers Target US Engineering Firm Because of Work Done for Ukrainian Sister City appeared first on SecurityWeek.
CISA has described the techniques used by attackers and pointed out that the focus is on high-value individuals. The post CISA Warns of Spyware Targeting Messaging App Users appeared first on SecurityWeek.
Focusing on improving the resilience of AI agents, the startup will use the funding to accelerate deployments of its platform. The post AI Agent Security Firm Vijil Raises $17 Million appeared first on SecurityWeek.
New research has found that organizations in various sensitive sectors, including governments, telecoms, and critical infrastructure, are pasting passwords and credentials into online tools like JSONformatter and CodeBeautify that are used to format and validate code. Cybersecurity company watchTowr Labs said it captured a dataset of over 80,000 files onRead More »Years of JSONFormatter and CodeBeautify Leaks Expose Thousands of Passwords and API Keys
Cybersecurity researchers are calling attention to a new campaign that’s leveraging a combination of ClickFix lures and fake adult websites to deceive users into running malicious commands under the guise of a “critical” Windows security update. “Campaign leverages fake adult websites (xHamster, PornHub clones) as its phishing mechanism, likely distributedRead More »JackFix Uses Fake Windows Update Pop-Ups on Adult Sites to Deliver Multiple Stealers
