Windows Server Update Services (WSUS) vulnerability abused to harvest sensitive data
Exploitation of CVE-2025-59287 began after public disclosure and the release of proof-of-concept code
Similar Posts
Anthropic Says Chinese AI Firms Used 16 Million Claude Queries to Copy Model
Bys sAnthropic on Monday said it identified “industrial-scale campaigns” mounted by three artificial intelligence (AI) companies, DeepSeek, Moonshot AI, and MiniMax, to illegally extract Claude’s capabilities to improve their own models. The distillation attacks generated over 16 million exchanges with its large language model (LLM) through about 24,000 fraudulent accounts in violation of its terms
House Lawmakers Push to Ban AI App DeepSeek From US Government Devices
Bys sA bipartisan duo in the the U.S. House is proposing legislation to ban the Chinese artificial intelligence app DeepSeek from federal devices. The post House Lawmakers Push to Ban AI App DeepSeek From US Government Devices appeared first on SecurityWeek.
Hackers Use LinkedIn Messages to Spread RAT Malware Through DLL Sideloading
Bys sCybersecurity researchers have uncovered a new phishing campaign that exploits social media private messages to propagate malicious payloads, likely with the intent to deploy a remote access trojan (RAT). The activity delivers “weaponized files via Dynamic Link Library (DLL) sideloading, combined with a legitimate, open-source Python pen-testing script,” ReliaQuest said in a report shared with
Anthropic Launches Claude Code Security for AI-Powered Vulnerability Scanning
Bys sArtificial intelligence (AI) company Anthropic has begun to roll out a new security feature for Claude Code that can scan a user’s software codebase for vulnerabilities and suggest patches. The capability, called Claude Code Security, is currently available in a limited research preview to Enterprise and Team customers. “It scans codebases for security vulnerabilities and…
APT36 and SideCopy Launch Cross-Platform RAT Campaigns Against Indian Entities
Bys sIndian defense sector and government-aligned organizations have been targeted by multiple campaigns that are designed to compromise Windows and Linux environments with remote access trojans capable of stealing sensitive data and ensuring continued access to infected machines. The campaigns are characterized by the use of malware families like Geta RAT, Ares RAT, and DeskRAT, which…
Clorox Files $380M Suit Alleging Cognizant Gave Hackers Passwords in Catastrophic 2023 Cyberattack
Bys sRochdi Rais reports: The Clorox Company and its subsidiary, Clorox Services Co., today filed a $380 million lawsuit in California state court against Cognizant Worldwide Ltd. and its New Jersey affiliate, Cognizant Technology Solutions US Corp. The complaint alleges that Cognizant enabled a “catastrophic” cyberattack on Clorox’s corporate network in August 2023 by handing over sensitive…