Hackers abuse WordPress MU-Plugins to hide malicious code
Hackers are utilizing the WordPress mu-plugins ("Must-Use Plugins") directory to stealthily run malicious code on every page while evading detection. [...]
Explanation leaves a 'lot of questions unanswered,' says infosec researcher A digital burglar is claiming to have nabbed a trove of "highly sensitive" data from Check Point - something the American-Israeli security biz claims is a huge exaggeration.... [...]
Welcome to the second Cloud CISO Perspectives for March 2025. Today, Archana Ramamoorthy, senior director of product management, Google Cloud, explains our approach to digital sovereignty and why we believe strongly in meeting this vital customer need. As with all Cloud CISO Perspectives, the contents of this newsletter are posted …
The notorious North Korean Lazarus hacking group has reportedly adopted 'ClickFix' tactics to deploy malware targeting job seekers in the cryptocurrency industry, particularly centralized finance (CeFi). [...]
US National Security Advisor Mike Waltz, who started the now-infamous group chat coordinating a US attack against the Yemen-based Houthis on March 15, is seemingly now suggesting that the secure messaging service Signal has security vulnerabilities. "I didn’t see this loser in the group," Waltz told Fox News …
Think AWS has security covered? Think again. Discover real-world examples of what it doesn’t secure and how to protect your environment Advertorial AWS customers might assume that security is taken care of for them - however, this is a dangerous misconception.... [...]
“Congress shall make no law respecting an establishment of religion, or prohibiting the free exercise thereof; or abridging the freedom of speech, or of the press; or the right of the people peaceably to assemble, and to petition the Government for a redress of grievances.” -U.S. Constitution, First …
PLUS: Indonesia crimps social media, allows iPhones; India claims rocket boost; In-flight GenAI for Japan Airlines Asia In Brief China last week commenced a crackdown on inappropriate collection and subsequent use of personal information.... [...]
PLUS: OpenAI bumps bug bounties bigtime; INTERPOL arrests 300 alleged cyber-scammers; And more! Infosec in brief Oracle Health appears to have fallen victim to an info stealing attack that has led to patient data stored by American hospitals being plundered.... [...]
A newly discovered Android malware dubbed Crocodilus tricks users into providing the seed phrase for the cryptocurrency wallet using a warning to back up the key to avoid losing access. [...]
Miscreants warming to Delphi, Haskell, and the like to evade detection Malware authors looking to evade analysis are turning to less popular programming languages like Delphi or Haskell.... [...]
Join a loyalty scheme and you often get a reward or discount on your special day – but it may have strings attached Celebrating your birthday isn’t just about getting presents and cards from family and friends. Signing up to loyalty schemes and newsletters can give you access to …
In another rare squid/cybersecurity intersection, APT37 is also known as “Squid Werewolf.” As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. [...]
AWS has been a proud participant in FedRAMP since 2013. As FedRAMP continues to modernize federal cloud security assessments, we are excited to support this transformation toward a more automated and efficient compliance framework. Today, we’re emphasizing our support for both APN partners and government customers through this …
Oracle isn’t commenting on recent reports that it has experienced two separate data breaches that have exposed sensitive personal information belonging to thousands of its customers. The most recent data breach report, published Friday by Bleeping Computer, said that Oracle Health—a health care software-as-a-service business the company …
Sam's Club, an American warehouse supermarket chain owned by U.S. retail giant Walmart, is investigating claims of a Clop ransomware breach. [...]
Artificial intelligence company OpenAI has announced a fivefold increase in the maximum bug bounty rewards for "exceptional and differentiated" critical security vulnerabilities from $20,000 to $100,000. [...]
A newly discovered phishing-as-a-service (PhaaS) operation that researchers call Morphing Meerkat has been using the DNS over HTTPS (DoH) protocol to evade detection. [...]
Three security bypasses have been discovered in Ubuntu Linux's unprivileged user namespace restrictions, which could enable a local attacker to exploit vulnerabilities in kernel components. [...]
A breach at Oracle Health impacts multiple US healthcare organizations and hospitals after a threat actor stole patient data from legacy servers. [...]
Department director admits Welsh capital's council still trying to get heads around threat of dark web leaks Cardiff City Council's director of children's services says data was leaked or stolen from the organization, although she did not clarify how or what was pilfered.... [...]
This is a truly fascinating paper: “Trusted Machine Learning Models Unlock Private Inference for Problems Currently Infeasible with Cryptography.” The basic idea is that AIs can act as trusted third parties: Abstract: We often interact with untrusted parties. Prioritization of privacy can limit the effectiveness of these interactions, as …
In the growing canon of AI security, the indirect prompt injection has emerged as the most powerful means for attackers to hack large language models such as OpenAI’s GPT-3 and GPT-4 or Microsoft’s Copilot. By exploiting a model's inability to distinguish between, on the one hand, developer-defined …
Single click on a phishing link in Google browser blew up sandbox on Windows Google pushed out an emergency patch for Chrome on Windows this week to stop attackers exploiting a sandbox-breaking zero-day vulnerability, seemingly used by snoops to target certain folks in Russia.... [...]
WOW! DID! SOMEONE! REALLY! STEAL! DATA! ON! 400K! USERS?! A cyber-crime ring calling itself Arkana has made a cringe music video to boast of an alleged theft of subscriber account data from Colorado-based cableco WideOpenWest (literally, WOW!)... [...]
The legacy domain for Microsoft Stream was hijacked to show a fake Amazon site promoting a Thailand casino, causing all SharePoint sites with old embedded videos to display it as spam. [...]
Crew also cooked up two fresh SparrowDoor backdoor variants, says ESET The China-aligned FamousSparrow crew has resurfaced after a long period of presumed inactivity, compromising a US financial-sector trade group and a Mexican research institute. The gang also likely targeted a governmental institution in Honduras, along with other yet-to-be-identified …
Ten npm packages were suddenly updated with malicious code yesterday to steal environment variables and other sensitive data from developers' systems. [...]
A China-linked cyberespionage group known as 'FamousSparrow' was observed using a new modular version of its signature backdoor 'SparrowDoor' against a US-based trade organization. [...]
Many successful phishing attacks result in a financial loss or malware infection. But falling for some phishing scams, like those currently targeting Russians searching online for organizations that are fighting the Kremlin war machine, can cost you your freedom or your life. The real website of the Ukrainian paramilitary …
Researchers say 'proactive' approach is needed to combat global cybercrime Here's one you don't see every day: A cybersecurity vendor is admitting to breaking into a notorious ransomware crew's infrastructure and gathering data it relayed to national agencies to help victims.... [...]
A new report sheds light on the most targeted WordPress plugin vulnerabilities hackers used in the first quarter of 2025 to compromise sites. [...]
Data backups are a lifeline and the ultimate safeguard when your organization is faced with unexpected disruption. Last year, we introduced backup vault, a powerful storage feature available as part of the Google Cloud Backup and Disaster Recovery (DR) service. Backup vault secures backups against tampering and unauthorized deletion …
Mozilla has released Firefox 136.0.4 to patch a critical security vulnerability that can let attackers escape the web browser's sandbox on Windows systems. [...]
Vivaldi has announced the integration of Proton VPN directly into its browser without requiring add-on downloads or plugin activations, allowing users to protect their data against 'Big Tech' surveillance for free. [...]
Screenshot shows company head unhappy, claiming 'real CVE is pending' CrushFTP's CEO is not happy with VulnCheck after the CVE numbering authority (CNA) released an unofficial ID for the critical vulnerability in its file transfer tech disclosed almost a week ago.... [...]
Dozens of vulnerabilities in products from three leading makers of solar inverters, Sungrow, Growatt, and SMA, could be exploited to control devices or execute code remotely on the vendor's cloud platform. [...]
NIST just released a comprehensive taxonomy of adversarial machine learning attacks and countermeasures. [...]
As if living in Croydon wasn't bad enough The Metropolitan Police has confirmed its first permanent installation of live facial recognition (LFR) cameras is coming this summer and the lucky location will be the South London suburb of Croydon.... [...]
Data stolen included checklist for medics on how to get into vulnerable people's homes The UK's data protection watchdog is dishing out a £3.07 million ($3.95 million) fine to Advanced Computer Software Group, whose subsidiary's security failings led to a ransomware attack affecting NHS care.... [...]
The UK Information Commissioner's Office (ICO) has fined Advanced Computer Software Group Ltd £3.07 million over a 2022 ransomware attack that exposed the sensitive personal data of 79,404 people, including National Health Service (NHS) patients. [...]
As AI and machine learning (AI/ML) become increasingly accessible through cloud service providers (CSPs) such as Amazon Web Services (AWS), new security issues can arise that customers need to address. AWS provides a variety of services for AI/ML use cases, and developers often interact with these services …
So F-18 launch times, weapons, drone support aren't classified now... who knew? The Atlantic's editor-in-chief who was inadvertently added to a Signal group in which the US Secretary of Defense, Vice President, and others discussed secret military plans has now publicly released the messages.... [...]
Despite Oracle denying a breach of its Oracle Cloud federated SSO login servers and the theft of account data for 6 million people, BleepingComputer has confirmed with multiple companies that associated data samples shared by the threat actor are valid. [...]
MORSE to pay --...-...-.... --- -.... for failing to meet cyber-grade A US defense contractor will cough up $4.6 million to settle complaints it failed to meet cybersecurity requirements on military contracts and knowingly submitted false claims for payment.... [...]
Amazon Web Services (AWS) is pleased to announce that the Winter 2024 System and Organization Controls (SOC) 1 report is now available. The report covers 183 services over the 12-month period from January 1, 2024, to December 31, 2024, giving customers a full year of assurance. This report demonstrates …
Cloud-based streaming company StreamElements confirms it suffered a data breach at a third-party service provider after a threat actor leaked samples of stolen data on a hacking forum. [...]
A new cybercrime platform named 'Atlantis AIO' provides an automated credential stuffing service against 140 online platforms, including email services, e-commerce sites, banks, and VPNs. [...]
An analysis of the NSO BLASTPASS iMessage exploit Posted by Ian Beer, Google Project Zero On September 7, 2023 Apple issued an out-of-band security update for iOS: Around the same time on September 7th 2023, Citizen Lab published a blog post linking the two CVEs fixed in iOS 16 …