Foreign Hackers Are Using Google’s Gemini in Attacks on the US
Plus: WhatsApp discloses nearly 100 targets of spyware, hackers used the AT&T breach to hunt for details on US politicians, and more.
Security Latest – Read More
U.S. and Dutch Authorities Dismantle 39 Domains Linked to BEC Fraud Network
U.S. and Dutch law enforcement agencies have announced that they have dismantled 39 domains and their associated servers as part of efforts to disrupt a network of online marketplaces originating from Pakistan.
The action, which took place on January 29, 2025, has been codenamed Operation Heart Blocker.
The vast array of sites in question peddled phishing toolkits and fraud-enabling tools and
The Hacker News – Read More
BeyondTrust Zero-Day Breach Exposes 17 SaaS Customers via Compromised API Key
BeyondTrust has revealed it completed an investigation into a recent cybersecurity incident that targeted some of the company’s Remote Support SaaS instances by making use of a compromised API key.
The company said the breach involved 17 Remote Support SaaS customers and that the API key was used to enable unauthorized access by resetting local application passwords. The breach was first flagged
The Hacker News – Read More
Meta Confirms Zero-Click WhatsApp Spyware Attack Targeting 90 Journalists, Activists
Meta-owned WhatsApp on Friday said it disrupted a campaign that involved the use of spyware to target journalists and civil society members.
The campaign, which targeted around 90 members, involved the use of spyware from an Israeli company known as Paragon Solutions. The attackers were neutralized in December 2024.
In a statement to The Guardian, the encrypted messaging app said it has reached
The Hacker News – Read More
Malvertising Scam Uses Fake Google Ads to Hijack Microsoft Advertising Accounts
Cybersecurity researchers have discovered a malvertising campaign that’s targeting Microsoft advertisers with bogus Google ads that aim to take them to phishing pages that are capable of harvesting their credentials.
“These malicious ads, appearing on Google Search, are designed to steal the login information of users trying to access Microsoft’s advertising platform,” Jérôme Segura, senior
The Hacker News – Read More
DeepSeek Jailbreak Reveals Its Entire System Prompt
Now we know exactly how DeepSeek was designed to work, and we may even have a clue toward its highly publicized scandal with OpenAI.
darkreading – Read More
DoJ Shutters Cybercrime Forums Behind Attacks on 17M Americans
The “Cracked” and “Nulled” Dark Web sites are now offline, along with the Pakistani “Saim Raza” network of underground forums (aka HeartSender).
darkreading – Read More
Community Health Center Data Breach Affects 1M Patients
The CHC remains operational, but a host of personal data is now in the hands of a “skilled cybercriminal,” it said.
darkreading – Read More
AI-Generated Content: How Cybercriminals Are Using It for Phishing Scams
AI-generated content is empowering even novice hackers to elevate phishing attacks, enabling highly personalized and convincing scams targeting…
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
Deepseek’s AI model proves easy to jailbreak – and worse
In one security firm’s test, the chatbot alluded to using OpenAI’s training data.
Latest stories for ZDNET in Security – Read More