News

The Hacker News3h
Storm-2603 Deploys DNS-Controlled Backdoor in Warlock and LockBit Ransomware Attacks
The activity has been attributed to Storm-2603, which, according to Microsoft, is a suspected China-based threat actor that ...
Microsoft Used China-Based Engineers to Support Product Recently Hacked by China
Microsoft announced that Chinese state-sponsored hackers had exploited vulnerabilities in its popular SharePoint software but ...
China says US spies exploited Microsoft Exchange zero-day to steal military info
China has accused US intelligence agencies of exploiting a Microsoft Exchange zero-day exploit to steal defense-related data ...
IPO pops are back, AI starts to pay off for Big Tech, and Palo Alto Networks spends big
Palo Alto Networks is charging full speed ahead on attempting to be as much of a one-stop cyber shop as is possible in the ...
Palo Alto Networks investigating ransomware threat related to SharePoint exploitation
Researchers from Palo Alto Networks say they are investigating a ransomware attack related to the recently disclosed ...
SecurityWeek11h
In Other News: Microsoft Probes ToolShell Leak, Port Cybersecurity, Raspberry Pi ATM Hack
Microsoft investigates whether the ToolShell exploit was leaked via MAPP, port cybersecurity, physical backdoor used for ATM ...
ESX Virtualization11h
StarWind VTL: Fortifying Your Backup Infrastructure Against Ransomware
Whether you're thinking that your backup infrastructure is the best and unpenetrable, you are actually never protected enough ...
The Hacker News12h
Attackers Use Fake OAuth Apps with Tycoon Kit to Breach Microsoft 365 Accounts
The ongoing campaign, first detected in early 2025, is designed to use the OAuth applications as a gateway to obtain ...
AI-powered Cursor IDE vulnerable to prompt-injection attacks
A vulnerability that researchers call CurXecute is present in almost all versions of the AI-powered code editor Cursor, and can be exploited to execute remote code with developer privileges.
PCMag UK13h
Ransomware Victims Are Still Paying Up, Some More Than Once
Most payments are less than $1 million, but 8% of successfully attacked US companies have paid a ransom four or more times, ...
PCMag13h
Black Hat 2025 Forecast: AI Mayhem, EV Intrusions, and Hacker Innovations
Hackers and security researchers will make the annual pilgrimage to the Black Hat security conference in Las Vegas next week. Here's a preview of some of the most insightful—and unsettling—sessions we ...
CSO Online14h
Cybercrooks faked Microsoft OAuth apps for MFA phishing
Proofpoint observed campaigns impersonating trusted brands like SharePoint and DocuSign with malicious OAuth applications to ...