Hackers Access Legacy Systems in Oxford City Council Cyberattack

Personal data of former and current council workers, including election staff, may have been accessed by hackers.


SecurityWeek

Banana Squad Hides Data-Stealing Malware in Fake GitHub Repositories

Banana Squad hid data-stealing malware in fake GitHub repos posing as Python tools, tricking users and targeting sensitive info like browser and wallet data.

Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto

New Android Malware Surge Hits Devices via Overlays, Virtualization Fraud and NFC Theft

Cybersecurity researchers have exposed the inner workings of an Android malware called AntiDot that has compromised over 3,775 devices as part of 273 unique campaigns.
“Operated by the financially motivated threat actor LARVA-398, AntiDot is actively sold as a Malware-as-a-Service (MaaS) on underground forums and has been linked to a wide range of mobile campaigns,” PRODAFT said in a report

The Hacker News

Predatory Sparrow Burns $90 Million on Iranian Crypto Exchange in Cyber Shadow War

Israel-linked Predatory Sparrow hackers torched more than $90 million at Iran’s largest cryptobank as Israel-Iran cyberwar escalates.


SecurityWeek

CVE-2025-6019: time to upgrade Linux | Kaspersky official blog

Researchers have published technical details and a proof of concept (PoC) for vulnerability CVE-2025-6019 in the libblockdev library, which allows an attacker to gain root privileges in most Linux distributions. Exploitation of this vulnerability has not been observed in the wild as yet, but since the PoC is freely available, attackers could start exploiting it at any time.

Under what conditions can CVE-2025-6019 be exploited?

The libblockdev library is used for low-level operations with block devices (e.g., hard disks) in Linux. The CVE-2025-6019 vulnerability is exploited by accessing the udisks2 daemon (used to manage storage devices) — provided that the attackers manage to obtain the privileges of the active user present on the computer (allow_active).

Almost all modern popular Linux builds include udisks, and enthusiasts have already tested the exploitability of the CVE-2025-6019 vulnerability on Ubuntu, Debian, Fedora and openSUSE. In theory, only the user physically using the computer can have allow_active privileges. However, in reality, an attacker may have the means to obtain allow_active remotely.

For example, the researchers who discovered CVE-2025-6019 initially demonstrated it in an exploitation chain in which allow_active privileges are obtained through another vulnerability, CVE-2025-6018, which is contained in the configuration of pluggable authentication modules (PAMs). CVE-2025-6018 is present in at least openSUSE Leap 15 and SUSE Linux Enterprise 15, but may be relevant for other distributions as well.

How to stay safe?

The teams responsible for the development of most popular Linux builds immediately started working on fixes for the vulnerabilities. Patches for Ubuntu are ready. Users of other distributions are advised to keep an eye out for updates, and promptly install them as they’re released.

If the patch is not yet available for your Linux distribution, or you cannot install it for some reason, the Qualys experts who found the vulnerability recommend changing the setting allow_active of the polkit rule org.freedesktop.udisks2.modify-device from yes to auth_admin.
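
To check which state a machine is in, the following added example (not code from Kaspersky or Qualys) reads a polkit policy file and reports the allow_active default for the action named above. The policy file path and the embedded sample XML are assumptions constructed for illustration; the file location may differ on your distribution.

```python
import os
import sys
import xml.etree.ElementTree as ET

ACTION_ID = "org.freedesktop.udisks2.modify-device"  # action named in the article
# Assumed path of the udisks2 policy file; it may differ on your distribution.
DEFAULT_POLICY = "/usr/share/polkit-1/actions/org.freedesktop.UDisks2.policy"

# Constructed sample policy, reduced to the elements this check reads.
SAMPLE_WEAK = """<policyconfig>
  <action id="org.freedesktop.udisks2.modify-device">
    <defaults>
      <allow_any>auth_admin</allow_any>
      <allow_inactive>auth_admin</allow_inactive>
      <allow_active>yes</allow_active>
    </defaults>
  </action>
</policyconfig>"""
SAMPLE_HARDENED = SAMPLE_WEAK.replace(
    "<allow_active>yes<", "<allow_active>auth_admin<")


def audit_policy(xml_text, action_id=ACTION_ID):
    """Return (status, allow_active value) for one action in a polkit policy."""
    root = ET.fromstring(xml_text)
    for action in root.iter("action"):
        if action.get("id") != action_id:
            continue
        value = (action.findtext("defaults/allow_active") or "").strip()
        if value == "yes":
            return ("weak", value)        # active user needs no authentication
        if value == "auth_admin":
            return ("hardened", value)    # the setting the article recommends
        return ("review", value or None)  # unset or another polkit value
    return ("not-found", None)


if __name__ == "__main__":
    # Only the shipped defaults are inspected; local polkit rules can override them.
    path = sys.argv[1] if len(sys.argv) > 1 else DEFAULT_POLICY
    if os.path.exists(path):
        with open(path, encoding="utf-8") as fh:
            print(path, audit_policy(fh.read()))
    else:
        for name, text in (("weak sample", SAMPLE_WEAK),
                           ("hardened sample", SAMPLE_HARDENED)):
            print(name, audit_policy(text))
```

A result of "review" means the value is neither yes nor auth_admin and should be checked by hand.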

In addition, we recommend forgetting the myth that Linux doesn’t need additional security. It, like any other operating system, can be a target for a cyberattack, so it also needs protection.

Kaspersky official blog

Scammers Insert Fake Support Numbers on Real Apple, Netflix, PayPal Pages

Cybercriminals are injecting fake support phone numbers onto official sites like Bank of America and Netflix. Learn how ‘search parameter injection’ scams work and protect yourself now.

Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto

DOJ moves to seize $225 million in crypto stolen by scammers

A civil forfeiture complaint was filed in U.S. District Court for the District of Columbia this week, where investigators from the FBI and U.S. Secret Service said they used blockchain analysis to trace the funds back to fraud schemes perpetrated by actors in the Philippines.

The Record from Recorded Future News

Alleged Ryuk ransomware gang member arrested in Ukraine and extradited to US

A 33-year-old man arrested in Ukraine will face charges in the U.S. of working for the Ryuk cybercrime operation, known for high-profile targets and large ransom demands.

The Record from Recorded Future News

Security Evolution: From Pothole Repair to Road Building

Instead of constantly fixing security vulnerabilities, organizations should proactively build secure foundations that enable businesses to move faster while reducing risk.

darkreading

New Campaigns Distribute Malware via Open Source Hacking Tools

Trend Micro and ReversingLabs uncovered over 100 GitHub accounts distributing malware embedded in open source hacking tools.


SecurityWeek