New Koske Linux malware hides in cute panda images

Hackers are using AI and panda images to infect Linux machines -- here's how

7 months / betanews / Wayne Williams

Hackers fooled Cognizant help desk, says Clorox in $380M cyberattack lawsuit

Bill Toulas / bleepingcomputer - Clorox is suing IT giant Cognizant for gross negligence, alleging it enabled a massive August 2023 cyberattack by resetting an employee's password for a hacker without first verifying their identity. [...]

#cybersecurity #infosec #business #law

Image post - please click to view at origin

7 months / bsky / @arstechnica.com / arstechnica.com

All that multifactor authentication for nothing

7 months / bsky / @bankuei.bsky.social / bankuei.bsky.social

After $380M hack, Clorox sues its “service desk” vendor for simply giving out passwords

7 months / arstechnica / Nate Anderson

Hackers fooled Cognizant help desk, says Clorox in $380M cyberattack lawsuit

$380M lawsuit claims intruder got Clorox's passwords from Cognizant simply by asking

7 months / theregister / Jude Karabus

Mandiant: China-Linked Hackers Behind Recent Microsoft SharePoint Zero-Day Attacks

Markus Kasanmascheff / winbuzzer - Google's Mandiant links a China-nexus hacking group to attacks on a critical SharePoint zero-day (CVE-2025-53770), as Microsoft issues emergency patches.The post Mandiant: China-Linked Hackers Behind Recent Microsoft SharePoint Zero-Day Attacks appeared f…

#cybersecurity #infosec #china #hack

Microsoft finds China-linked hackers are targeting SharePoint deployments

7 months / siliconangle / Maria Deutscher

Google, Microsoft say Chinese hackers are exploiting SharePoint zero-day

Google and Microsoft say Chinese hackers are exploiting SharePoint zero-day – TechCrunch

7 months / bsky / @sensehofstede.nl / sensehofstede.nl

Chinese nation-state groups exploiting SharePoint vulnerability, Microsoft confirms

7 months / therecord

Surprise, surprise: Chinese spies, IP stealers, other miscreants attacking Microsoft SharePoint servers

Microsoft says Chinese hacking groups are behind SharePoint attacks

7 months / theverge / Jess Weatherbed

Microsoft says Chinese hacking groups exploited SharePoint vulnerability in attacks

7 months / cnbc

Google, Microsoft say Chinese hackers are exploiting SharePoint zero-day

7 months / techcrunch / Zack Whittaker

Hackers with ties to the Chinese government have been linked to a recent wave of widespread attacks targeting a Microsoft SharePoint zero-day vulnerability chain.

7 months / bsky / @bleepingcomputer.com / bleepingcomputer.com

Microsoft links the SharePoint ToolShell attacks to three Chinese hacking groups: - Chinese nation-state threat groups Linen Typhoon and Violet Typhoon - China-based threat actor tracked as Storm-2603 www.bleepingcomputer.com/news/securit...

7 months / bsky / @serghei.bsky.social / serghei.bsky.social

Microsoft patches critical SharePoint 2016 zero-days amid active exploits

7 months / theregister / Richard Speed

Mandiant: China-Linked Hackers Behind Recent Microsoft SharePoint Zero-Day Attacks

Microsoft Sharepoint ToolShell attacks linked to Chinese hackers

7 months / bleepingcomputer / Sergiu Gatlan

Vibe coding dream turns to nightmare as Replit deletes developer's database

techspot - Jason Lemkin, founder of the SaaS-focused community SaaStr, initially had a positive experience with Replit but quickly changed his mind when the service started acting like a digital psycho. Replit presents itself as a platform trusted by Fortune 500 com…

#cloud #software #infosec

Vibe coding dream turns to nightmare as Replit deletes developer's database

7 months / techspot

AI coding platform goes rogue during code freeze and deletes entire company database — Replit CEO apologizes after AI engine says it 'made a catastrophic error in judgment' and 'destroyed all production data'

7 months / tomshardware

Alaska Airlines Flights Resume After IT Outage. What to Do if You Were Affected

Omar Gallaga / cnet - The outage affected Alaska Airlines and Horizon Air flights for several hours on Sunday.

#infosec #aviation

Alaska Airlines Flights Resume After IT Outage. What to Do if You Were Affected

7 months / cnet / Omar Gallaga

Computer Glitch Grounds Every Alaska Airlines Flight

7 months / gizmodo / Bruce Gil

Worldwide cyberattack underway as hackers exploit Microsoft SharePoint zero-day vulnerability

techspot - "Anybody who's got a hosted SharePoint server has got a problem," Adam Meyers, senior vice president with CrowdStrike, told The Washington Post. "It's a significant vulnerability."Read Entire Article

#cybersecurity #infosec #microsoft #hack

Hackers exploiting SharePoint zero-day seen targeting government agencies

7 months / techcrunch / Lorenzo Franceschi-Bicchierai

SharePoint vulnerability with 9.8 severity rating under exploit across globe

7 months / arstechnica / Dan Goodin

Massive Cyberattack Targets Microsoft SharePoint Systems

7 months / iphoneincanada / Usman Qureshi

Hackers have been exploiting a vulnerability to attack SharePoint and connected Microsoft services in what will be a big problem for corporate Mac users this week.

7 months / bsky / @appleinsider.com / appleinsider.com

Microsoft hit with SharePoint attack — one version still vulnerable

7 months / cnbc

Microsoft SharePoint hacks a major problem for corporate networks, not Mac hardware

7 months / appleinsider

Worldwide cyberattack underway as hackers exploit Microsoft SharePoint zero-day vulnerability

7 months / techspot

New zero-day bug in Microsoft SharePoint under widespread attack

7 months / techcrunch / Zack Whittaker

Microsoft Sharepoint server vulnerability puts an estimated 10,000 organizations at risk

7 months / engadget / Steve Dent

Four new Android spyware samples linked to Iran's intel agency

Jessica Lyons / theregister - Persians added snooping capabilities to DCHSpy after Israeli bombs fell Four new samples of Android spyware linked to the Iranian Ministry of Intelligence and Security (MOIS) that collects WhatsApp data, records audio and video, and hunts for files by nam…

#cybersecurity #infosec #android #apps

Hackers believed to be affiliated with an Iranian intelligence agency are using a newly-discovered strain of the DCHSpy malware to snoop on adversaries. The strain can exfiltrate data from WhatsApp and stored files on devices. therecord.media/malware-exf

7 months / bsky / @suzannesmalley.bsky.social / suzannesmalley.bsky.social

New malware samples exfiltrate WhatsApp data to target Iran regime’s enemies

7 months / therecord

Iranian hackers expand Android spyware campaign amid Middle East tensions

7 months / siliconangle / Duncan Riley

Four new Android spyware samples linked to Iran's intel agency

#cybersecurity #infosec #microsoft #security

Microsoft patches failed to fix on-prem SharePoint, which is now under zero-day attack

Iain Thomson / theregister - PLUS: China upgrades smartphone surveillance tools; Ring eases anti-snooping stance; and more Infosec In Brief Microsoft has warned users of SharePoint Server that three on-prem versions of the product include a zero-day flaw that is under attack – and th…

Researchers believe the issue is likely to lead to a large number of victims including governments and enterprises, and warn that attackers are compromising cryptographic keys allowing them to maintain access to victims’ systems even after the affected se

7 months / bsky / @alexmartin.bsky.social / alexmartin.bsky.social

Microsoft SharePoint servers are under attack because of a zero-day exploit in the wild. Cloud versions of SharePoint are unaffected, and Microsoft has issued emergency patches for SharePoint 2019 and SharePoint Subscription Edition servers www.theverge.c

7 months / bsky / @tomwarren.co.uk / tomwarren.co.uk

Warnings issued as hackers actively exploit critical zero-day in Microsoft SharePoint

7 months / therecord

Microsoft patches under-attack SharePoint 2019 and SE

7 months / theregister / Richard Speed

Microsoft SharePoint servers are under attack because of a major security flaw

7 months / theverge / Jess Weatherbed

Microsoft Patches Critical SharePoint Zero-Day, Urges Immediate Updates

Microsoft releases emergency fixes for actively exploited SharePoint security flaws

7 months / betanews / Sofia Elizabella Wyciślik-Wilson

Microsoft releases emergency patches for SharePoint RCE flaws exploited in attacks

7 months / bleepingcomputer / Lawrence Abrams

Microsoft patches failed to fix on-prem SharePoint, which is now under zero-day attack

7 months / theregister / Iain Thomson

Active attacks target Microsoft SharePoint zero-day affecting on-premises servers

7 months / siliconangle / Duncan Riley

Is Google Still Down? What We Know About the Gmail, Workspace and Drive Outage

Katie Collins / cnet - It appears Google has resolved the incident that caused a short-lived, but widespread outage.

#cloud #infosec #google #internet

Is Google Still Down? What We Know About the Gmail, Workspace and Drive Outage

7 months / cnet / Katie Collins

Outage takes down Google services, Discord, Spotify, and more

7 months / mobilesyrup / Brad Bennett

StrongestLayer Secures $5.2M for AI Email Security

In a clear sign that the spammer battleground remains heated, cybersecurity startup StrongestLayer has successfully raised $5.2 million in seed funding to bolster its AI-driven email threat protection platform. The fresh capital is aimed at enhancing automated defenses just as phishing and malware attacks continue to evolve—because clearly hackers never take a holiday.

#ai #vc #cybersecurity #infosec

StrongestLayer secures $5.2M to combat emerging AI-driven email threats

7 months / siliconangle / Duncan Riley

Max severity Cisco ISE bug allows pre-auth command execution, patch now

Bill Toulas / bleepingcomputer - A critical vulnerability (CVE-2025-20337) in Cisco's Identity Services Engine (ISE) could be exploited to let an unauthenticated attacker store malicious files, execute arbitrary code, or gain root privileges on vulnerable devices. [...]

#cybersecurity #enterprise #infosec

Watch out, another max-severity, make-me-root Cisco bug on the loose

Max severity Cisco ISE bug allows pre-auth command execution, patch now

Roblox Will Request Video Selfies To Estimate Players' Age

Roblox is adding an 'age estimation' feature for teens

Karissa Bell / engadget - Roblox is joining the growing ranks of online platforms that are trying to better understand the ages of their teen users. The company is rolling out a new "age estimation" feature for teens 13 and older.With the update, teens will be prompted for an age …

#infosec #apps #privacy

7 months / gamespot / Alex Newhouse

Roblox’s New Age Verification Feature Uses AI to Scan Teens’ Video Selfies

7 months / wired / Megan Farokhmanesh

Roblox asking users for facial scans or IDs to bypass filtered chat

7 months / mobilesyrup / Vincent Lin

Roblox Introduces Age Verification, New Teen Safety Tools

7 months / iphoneincanada / Usman Qureshi

Roblox introduces age estimation technology for unfiltered chats

7 months / therecord

Soluciones a problemas inexistentes. Roblox estará agregando una herramienta para verificar la edad de los menores: Hay que escanear la cara y una herramienta de estimación de edad confirmará si son mayores de 13 para que puedan chatear más libremente

7 months / bsky / @mr-bytes.com / mr-bytes.com

Roblox introduces new safeguards for teens, including age estimation tech

Roblox's New Safety Features Include an AI That Will Guess Your Age Based on a Video Selfie

7 months / ign / Rebekah Valentine

Roblox is adding an 'age estimation' feature for teens

7 months / engadget / Karissa Bell

Roblox launches new age verification system to unlock unfiltered chats

7 months / cnbc

Roblox will require a facial scan or government ID to have unfiltered chats

7 months / theverge / Jay Peters

Roblox introduces new safeguards for teens, including age estimation tech

7 months / techcrunch / Aisha Malik

Microsoft Offers Last-Chance Security Updates for Aging Exchange and Skype Servers

Markus Kasanmascheff / winbuzzer - Microsoft reverses course, offering a paid, six-month Extended Security Update (ESU) program for Exchange and Skype servers facing a 2025 support deadline.The post Microsoft Offers Last-Chance Security Updates for Aging Exchange and Skype Servers appeared…

#software #infosec #microsoft #security

Microsoft Offers Last-Chance Security Updates for Aging Exchange and Skype Servers

Microsoft offers vintage Exchange and Skype server users six more months of security updates

7 months / theregister / Simon Sharwood

Cloudflare says 1.1.1.1 outage not caused by attack or BGP hijack

Bill Toulas / bleepingcomputer - To quash speculation of a cyberattack or BGP hijack incident causing the recent 1.1.1.1 Resolver service outage, Cloudflare explains in a post mortem that the incident was caused by an internal misconfiguration. [...]

#cloud #infosec #cloudsec #internet

To quash speculation of a cyberattack or BGP hijack incident causing the recent 1.1.1.1 Resolver service outage, Cloudflare explains in a post mortem that the incident was caused by an internal misconfiguration.

7 months / bsky / @bleepingcomputer.com / bleepingcomputer.com

Cloudflare says 1.1.1.1 outage not caused by attack or BGP hijack

Cloudflare fesses up to config change that borked internet access for all

7 months / theregister / Paul Kunert

SonicWall SMA devices hacked with OVERSTEP rootkit tied to ransomware

Ionut Ilascu / bleepingcomputer - A threat actor has been deploying a previously unseen malware called OVERSTEP that modifies the boot process of fully-patched but no longer supported SonicWall Secure Mobile Access appliances. [...]

#infosec #security #hack

Image post - please click to view at origin

7 months / bsky / @arstechnica.com / arstechnica.com

Google finds custom backdoor being installed on SonicWall network devices

7 months / arstechnica / Dan Goodin

A threat actor has been deploying a previously unseen malware called OVERSTEP that modifies the boot process of fully-patched but no longer supported SonicWall Secure Mobile Access appliances.

7 months / bsky / @bleepingcomputer.com / bleepingcomputer.com

Google spots tailored backdoor malware aimed at SonicWall appliances

7 months / therecord

SonicWall SMA devices hacked with OVERSTEP rootkit tied to ransomware

7 months / bleepingcomputer / Ionut Ilascu

Crims hijacking fully patched SonicWall VPNs to deploy stealthy backdoor and rootkit

#cybersecurity #infosec #cybercrime #law

Ex-US soldier who Googled 'can hacking be treason' pleads guilty to extortion

Jessica Lyons / theregister - File this one under what not to search if you've committed a crime A former US Army soldier, who reportedly hacked AT&T, bragged about accessing President Donald Trump's call logs, and then Googled "can hacking be treason," and "US military personnel defe…

US Army soldier pleads guilty to hacking telcos and extortion

Former U.S. Army hacker Cameron Wagenius pleaded guilty to hacking and extortion charges. Wagenius had already pleaded guilty to hacking AT&T and Verizon, among others. techcrunch.com/2025/07/15/u...

7 months / bsky / @lorenzofb.bsky.social / lorenzofb.bsky.social

Ex-US soldier who Googled 'can hacking be treason' pleads guilty to extortion

US Army soldier pleads guilty to hacking telcos and extortion

7 months / techcrunch / Lorenzo Franceschi-Bicchierai

CISA orders agencies to immediately patch Citrix Bleed 2, saying bug poses ‘unacceptable risk’

therecord - The one-day deadline issued by CISA on Thursday appears to be the shortest one ever issued. Federal civilian agencies are typically given three weeks to patch bugs added to the known exploited vulnerability catalog.

#cybersecurity #software #infosec #government

In a rare move, CISA gave federal agencies just one day to patch Citrix Netscaler bug CVE-2025-5777 Patch ASAP #CitrixBleed2 #2Citrix2Bloody therecord.media/cisa-orders-...

7 months / bsky / @jgreig.bsky.social / jgreig.bsky.social

CISA issued its shortest KEV deadline ever, giving federal agencies one day to patch Citrix Netscaler bug CVE-2025-5777 CISA official Chris Butera said the bug poses “a significant, unacceptable risk to the security of the federal civilian enterprise.”

7 months / bsky / @jgreig.bsky.social / jgreig.bsky.social

CISA is giving all civilian agencies 1 day to remediate CitrixBleed 2. It is encouraging all other organisations in the US to do this too. https://therecord.media/cisa-orders-agencies-patch-citrix-bleed-2

7 months / bsky / @GossiTheDog.cyberplace.social.ap.brid.gy / GossiTheDog.cyberplace.social.ap.brid.gy

The U.S. Cybersecurity & Infrastructure Security Agency has confirmed active exploitation of the CitrixBleed 2 vulnerability (CVE-2025-5777) in Citrix NetScaler ADC and Gateway and is giving federal agencies one day to apply fixes.

7 months / bsky / @bleepingcomputer.com / bleepingcomputer.com

CISA confirms hackers are actively exploiting critical ‘Citrix Bleed 2’ bug

7 months / techcrunch / Zack Whittaker

CISA orders agencies to immediately patch Citrix Bleed 2, saying bug poses ‘unacceptable risk’

7 months / therecord

CISA tags Citrix Bleed 2 as exploited, gives agencies a day to patch

#cybersecurity #dataprivacy #infosec #chatgpt

Chatbot used by McDonald's to hire workers leaked data for 64 million people after researchers guessed system password was '123456' — once inside, a second flaw turned up 'every chat interaction [from anyone who] ever applied for a job at McDonald’s'

tomshardware - A pair of security researchers has revealed vulnerabilities in the McHire chatbot Olivia, developed by Paradox.ai for McDonald's, that could have been exploited to reveal personal information about roughly 64 million people.

'123456' password exposed info for 64 million McDonald’s job applicants

7 months / bleepingcomputer / Lawrence Abrams

McFuckedUp.

7 months / bsky / @zackwhittaker.com / zackwhittaker.com

AI chatbot’s simple ‘123456’ password risked exposing personal data of millions of McDonald’s job applicants

AI chatbot’s simple ‘123456’ password risked exposing personal data of millions of McDonald’s job applicants

7 months / techcrunch / Lorenzo Franceschi-Bicchierai

Bug Hunters Gain Access to 64 Million McDonald’s Job Applicants’ Info by Using the Password ‘123456’

7 months / gizmodo / Lucas Ropek

Chatbot used by McDonald's to hire workers leaked data for 64 million people after researchers guessed system password was '123456' — once inside, a second flaw turned up 'every chat interaction [from anyone who] ever applied for a job at McDonald’s'

7 months / tomshardware

M&S says Dragon Force threat group behind April cyberattack

Suhasini Srinivasaragavan / siliconrepublic - The retailer estimates that the attack will cost the company £300m in profits this year.Read more: M&S says Dragon Force threat group behind April cyberattack

#cybersecurity #infosec #cybercrime #hack

M&S confirms social engineering led to massive ransomware attack

7 months / bleepingcomputer / Lawrence Abrams

Marks & Spencer chair refuses to say if retailer paid hackers after ransomware attack

M&S says Dragon Force threat group behind April cyberattack

7 months / siliconrepublic / Suhasini Srinivasaragavan

Marks & Spencer chair refuses to say if retailer paid hackers after ransomware attack

7 months / techcrunch / Lorenzo Franceschi-Bicchierai

OpenAI tightens the screws on security to keep away prying eyes

Connie Loizos / techcrunch - OpenAI has reportedly overhauled its security operations to protect against corporate espionage. According to the Financial Times, the company accelerated an existing security clampdown after Chinese startup DeepSeek released a competing model in January,…

#cybersecurity #infosec #security

OpenAI is ramping up security to prevent rivals from copying its advanced AI models

7 months / the-decoder / Matthias Bastian

OpenAI Fortifies Security Against Espionage, Citing DeepSeek’s Alleged IP Theft

OpenAI tightens the screws on security to keep away prying eyes