Palantir exec defends company’s immigration surveillance work

/in

One of the founders of startup accelerator Y Combinator offered unsparing criticism this weekend of the controversial data analytics company Palantir, leading a company executive to offer an extensive defense of Palantir’s work. The back-and-forth came after federal filings showed that U.S. Immigration and Customs Enforcement (ICE) — tasked with carrying out the Trump administration’s […]

Security News | TechCrunch – ​Read More

APT29 Deploys GRAPELOADER Malware Targeting European Diplomats Through Wine-Tasting Lures

/in

The Russian state-sponsored threat actor known as APT29 has been linked to an advanced phishing campaign that’s targeting diplomatic entities across Europe with a new variant of WINELOADER and a previously unreported malware loader codenamed GRAPELOADER.
“While the improved WINELOADER variant is still a modular backdoor used in later stages, GRAPELOADER is a newly observed initial-stage tool

The Hacker News – ​Read More

Chinese APT IronHusky Deploys Updated MysterySnail RAT on Russia

/in

Kaspersky researchers report the reappearance of MysterySnail RAT, a malware linked to Chinese IronHusky APT, targeting Mongolia and…

Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto – ​Read More

Cozy Bear’s Wine Lure Drops WineLoader Malware on EU Diplomats

/in

Midnight Blizzard (APT29/Cozy Bear) targets European embassies and Ministries of Foreign Affairs with sophisticated phishing emails disguised as…

Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto – ​Read More

Rogue npm Packages Mimic Telegram Bot API to Plant SSH Backdoors on Linux Systems

/in

Cybersecurity researchers have uncovered three malicious packages in the npm registry that masquerade as a popular Telegram bot library but harbor SSH backdoors and data exfiltration capabilities.
The packages in question are listed below –

node-telegram-utils (132 downloads)
node-telegram-bots-api (82 downloads)
node-telegram-util (73 downloads)

According to supply chain

The Hacker News – ​Read More

Florida Man Enters the Encryption Wars

/in

Plus: A US judge rules against police cell phone “tower dumps,” China names alleged NSA agents it says were involved in cyberattacks, and Customs and Border Protection reveals its social media spying tools.

Security Latest – ​Read More

ASUS Confirms Critical Flaw in AiCloud Routers; Users Urged to Update Firmware

/in

ASUS has disclosed a critical security flaw impacting routers with AiCloud enabled that could permit remote attackers to perform unauthorized execution of functions on susceptible devices.
The vulnerability, tracked as CVE-2025-2492, has a CVSS score of 9.2 out of a maximum of 10.0.

“An improper authentication control vulnerability exists in certain ASUS router firmware series,”

The Hacker News – ​Read More

Identity as the new perimeter: National Oilwell Varco’s approach to stopping the 79% of attacks that are malware-free

/in

NOV’s CIO on Zero Trust wins, AI in the SOC, and bringing cyber risk to the board

NOV’s CIO led a cyber strategy fusing Zero Trust, AI, and airtight identity controls to cut threats by 35x and eliminating reimaging.Read More

Security News | VentureBeat – ​Read More

Organizations Fix Less Than Half of All Exploitable Vulnerabilities, With Just 21% of GenAI App Flaws Resolved

/in

Post Content

darkreading – ​Read More

Could Ransomware Survive Without Cryptocurrency?

/in

Threat actors would be at least temporarily derailed, experts say. But the real issue ladders back to organizations’ weak cyber hygiene.

darkreading – ​Read More