Rust-based Myth Stealer Malware Spread via Fake Gaming Sites Targets Chrome, Firefox Users

/in

Cybersecurity researchers have shed light on a previously undocumented Rust-based information stealer called Myth Stealer that’s being propagated via fraudulent gaming websites.
“Upon execution, the malware displays a fake window to appear legitimate while simultaneously decrypting and executing malicious code in the background,” Trellix security researchers Niranjan Hegde, Vasantha Lakshmanan

The Hacker News – ​Read More

Poisoned npm Packages Disguised as Utilities Aim for System Wipeout

/in

Backdoors lurking in legitimate-looking code contain file-deletion commands that can destroy production systems and cause massive disruptions to software supply chains.

darkreading – ​Read More

Hundreds of Russian devices hit by Rare Werewolf crypto-mining attacks

/in

The campaign has affected hundreds of Russian users, particularly targeting industrial enterprises and engineering schools, with additional victims reported in Belarus and Kazakhstan.

The Record from Recorded Future News – ​Read More

Hackers Stole 300,000 Crash Reports From Texas Department of Transportation

/in

The Texas Department of Transportation has disclosed a data breach impacting the personal information included in 300,000 crash reports.

The post Hackers Stole 300,000 Crash Reports From Texas Department of Transportation appeared first on SecurityWeek.

SecurityWeek – ​Read More

Ongoing cyberattack at US grocery distributor giant UNFI affecting customer orders

/in

United Natural Foods said it is “diligently managing through the cyber incident” that sparked disruption outages.

Security News | TechCrunch – ​Read More

Airlines Don’t Want You to Know They Sold Your Flight Data to DHS

/in

A contract obtained by 404 Media shows that an airline-owned data broker forbids the feds from revealing it sold them detailed passenger data.

Security Latest – ​Read More

Vanta’s AI agent wants to run your compliance program — and it just might

/in

Credit: VentureBeat made with Midjourney

Vanta launches autonomous AI agent that automates security compliance workflows, helping enterprises save 12+ hours weekly on policy management and audit preparation.Read More

Security News | VentureBeat – ​Read More

How Cisco plans to stop rogue AI agent attacks inside your network

/in

As AI agents grow more powerful and unpredictable, Cisco unveils tools to lock down networks, track agent behavior, and prevent chaos before it spreads through your infrastructure.

Latest stories for ZDNET in Security – ​Read More

The Hidden Threat in Your Stack: Why Non-Human Identity Management is the Next Cybersecurity Frontier

/in

Modern enterprise networks are highly complex environments that rely on hundreds of apps and infrastructure services. These systems need to interact securely and efficiently without constant human oversight, which is where non-human identities (NHIs) come in. NHIs — including application secrets, API keys, service accounts, and OAuth tokens — have exploded in recent years, thanks to an

The Hacker News – ​Read More

Five Zero-Days, 15 Misconfigurations Found in Salesforce Industry Cloud

/in

Security researchers uncover critical flaws and widespread misconfigurations in Salesforce’s industry-specific CRM solutions.

The post Five Zero-Days, 15 Misconfigurations Found in Salesforce Industry Cloud appeared first on SecurityWeek.

SecurityWeek – ​Read More