Fake Booking reservation cancellations and fake BSODs trick victims into executing malicious code leading to RAT infections. The post Sophisticated ClickFix Campaign Targeting Hospitality Sector appeared first on SecurityWeek.
The initial access broker (IAB) relies on credentials exfiltrated using information stealers to hack organizations. The post Dozens of Major Data Breaches Linked to Single Threat Actor appeared first on SecurityWeek.
Source: Securonix Cybersecurity researchers have disclosed details of a new campaign dubbed PHALT#BLYX that has leveraged ClickFix-style lures to display fixes for fake blue screen of death (BSoD) errors in attacks targeting the European hospitality sector. The end goal of the multi-stage campaign is to deliver a remote access trojanRead More »Fake Booking Emails Redirect Hotel Staff to Fake BSoD Pages Delivering DCRat
The Invisible Half of the Identity Universe Identity used to live in one place – an LDAP directory, an HR system, a single IAM portal. Not anymore. Today, identity is fragmented across SaaS, on-prem, IaaS, PaaS, home-grown, and shadow applications. Each of these environments carries its own accounts, permissions, andRead More »What is Identity Dark Matter?
Popular artificial intelligence (AI)-powered Microsoft Visual Studio Code (VS Code) forks such as Cursor, Windsurf, Google Antigravity, and Trae have been found to recommend extensions that are non-existent in the Open VSX registry, potentially opening the door to supply chain risks when bad actors publish malicious packages under those names.Read More »VS Code Forks Recommend Missing Extensions, Creating Supply Chain Risk in Open VSX
The VPN company has conducted an investigation after a threat actor claimed to have hacked its systems. The post NordVPN Denies Breach After Hacker Leaks Data appeared first on SecurityWeek.
Significant cybersecurity M&A deals announced by Akamai, Red Hat, Checkmarx, Silent Push, and ServiceNow. The post Cybersecurity M&A Roundup: 30 Deals Announced in December 2025 appeared first on SecurityWeek.
A new critical security vulnerability has been disclosed in n8n, an open-source workflow automation platform, that could enable an authenticated attacker to execute arbitrary system commands on the underlying host. The vulnerability, tracked as CVE-2025-68668, is rated 9.9 on the CVSS scoring system. It has been described as a caseRead More »New n8n Vulnerability (9.9 CVSS) Lets Authenticated Users Execute System Commands
Users of the “@adonisjs/bodyparser” npm package are being advised to update to the latest version following the disclosure of a critical security vulnerability that, if successfully exploited, could allow a remote attacker to write arbitrary files on the server. Tracked as CVE-2026-21440 (CVSS score: 9.2), the flaw has been describedRead More »Critical AdonisJS Bodyparser Flaw (CVSS 9.2) Enables Arbitrary File Write on Servers
The Russia-aligned threat actor known as UAC-0184 has been observed targeting Ukrainian military and government entities by leveraging the Viber messaging platform to deliver malicious ZIP archives. “This organization has continued to conduct high-intensity intelligence gathering activities against Ukrainian military and government departments in 2025,” the 360 Threat Intelligence CenterRead More »Russia-Aligned Hackers Abuse Viber to Target Ukrainian Military and Government
