Experts Uncover New XorDDoS Controller, Infrastructure as Malware Expands to Docker, Linux, IoT

/in

Cybersecurity researchers are warning of continued risks posed by a distributed denial-of-service (DDoS) malware known as XorDDoS, with 71.3 percent of the attacks between November 2023 and February 2025 targeting the United States.
“From 2020 to 2023, the XorDDoS trojan has increased significantly in prevalence,” Cisco Talos researcher Joey Chen said in a Thursday analysis. 

The Hacker News – ​Read More

CVE-2025-24054 Under Active Attack—Steals NTLM Credentials on File Download

/in

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a medium-severity security flaw impacting Microsoft Windows to its Known Exploited Vulnerabilities (KEV) catalog, following reports of active exploitation in the wild.
The vulnerability, assigned the CVE identifier CVE-2025-24054 (CVSS score: 6.5), is a Windows New Technology LAN Manager (NTLM) hash disclosure

The Hacker News – ​Read More

Google’s Gemini 2.5 Flash introduces ‘thinking budgets’ that cut AI costs by 600% when turned down

/in

Credit: VentureBeat made with Midjourney

Google’s new Gemini 2.5 Flash AI model introduces adjustable “thinking budgets” that let businesses pay only for the reasoning power they need, balancing advanced capabilities with cost efficiency.Read More

Security News | VentureBeat – ​Read More

CISA Urges Action on Potential Oracle Cloud Credential Compromise

/in

Following reports of unauthorized access to a legacy Oracle cloud environment, CISA warns of potential credential compromise leading…

Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto – ​Read More

Dogged by Trump, Chris Krebs Resigns from SentinelOne

/in

The president revoked the former CISA director’s security clearance, half a decade after Krebs challenged right-wing election disinformation, prompting his eventual resignation.

darkreading – ​Read More

Android Phones Pre-Downloaded With Malware Target User Crypto Wallets

/in

The threat actors lace pre-downloaded applications with malware to steal cryptocurrency by covertly swapping users’ wallet addresses with their own.

darkreading – ​Read More

Researchers Find CVSS 10.0 Severity RCE Vulnerability in Erlang/OTP SSH

/in

Security researchers report CVE-2025-32433, a CVSS 10.0 RCE vulnerability in Erlang/OTP SSH, allowing unauthenticated code execution on exposed…

Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto – ​Read More

Qrator Labs Reports Mitigating Year’s Largest DDoS Attack to Date

/in

Qrator Labs reports it mitigated a massive record 965 Gbps DDoS attack in April 2025, the largest incident…

Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto – ​Read More

Airport retailer agrees to $6.9 million settlement over ransomware data breach

/in

According to a complaint filed by a former employee, cybercriminals exfiltrated records that held personal information like names and Social Security numbers belonging to 76,000 current and former employees of Paradies Shops.

The Record from Recorded Future News – ​Read More

‘No AI Agents are Allowed.’ EU Bans Use of AI Assistants in Virtual Meetings

/in

In a presentation delivered this month by the European Commission, a meeting etiquette slide stated “No AI Agents are allowed.”

Security | TechRepublic – ​Read More