News

Threat Intelligence Executive Report – Volume 2025, Number 4

Bys s August 20, 2025

This issue of the Counter Threat Unit’s high-level bimonthly report discusses noteworthy updates in the threat landscape during May and June

News

OAuth Redirect Flaw in Airline Travel Integration Exposes Millions to Account Hijacking
Bys s January 28, 2025

Cybersecurity researchers have disclosed details of a now-patched account takeover vulnerability affecting a popular online travel service for hotel and car rentals. “By exploiting this flaw, attackers can gain unauthorized access to any user’s account within the system, effectively allowing them to impersonate the victim and perform an array of actions on their behalf –…

Read More OAuth Redirect Flaw in Airline Travel Integration Exposes Millions to Account Hijacking
News

Police arrests 4 Phobos ransomware suspects, seizes 8Base sites
Bys s February 10, 2025

Bill Toulas reports: A global law enforcement operation targeting the Phobos ransomware gang has led to the arrest of four suspected hackers in Phuket, Thailand, and the seizure of 8Base’s dark web sites. The suspects are accused of conducting cyberattacks on over 1,000 victims worldwide. The arrested individuals, two men and two women, are Europeans…

Read More Police arrests 4 Phobos ransomware suspects, seizes 8Base sites
News

Hackers Hijack Blender 3D Assets to Deploy StealC V2 Data-Stealing Malware
Bys s November 25, 2025

Cybersecurity researchers have disclosed details of a new campaign that has leveraged Blender Foundation files to deliver an information stealer known as StealC V2. “This ongoing operation, active for at least six months, involves implanting malicious .blend files on platforms like CGTrader,” Morphisec researcher Shmuel Uzan said in a report shared with The Hacker News….

Read More Hackers Hijack Blender 3D Assets to Deploy StealC V2 Data-Stealing Malware
News

New Veeam Flaw Allows Arbitrary Code Execution via Man-in-the-Middle Attack
Bys s February 5, 2025

Veeam has released patches to address a critical security flaw impacting its Backup software that could allow an attacker to execute arbitrary code on susceptible systems. The vulnerability, tracked as CVE-2025-23114, carries a CVSS score of 9.0 out of 10.0. “A vulnerability within the Veeam Updater component that allows an attacker to utilize a Man-in-the-Middle…

Read More New Veeam Flaw Allows Arbitrary Code Execution via Man-in-the-Middle Attack
News

Cyber Insights 2025: OT Security
Bys s February 6, 2025

Just as OT technology differs from IT technology, the threats, likely adversaries, and potential harm also differ. The post Cyber Insights 2025: OT Security appeared first on SecurityWeek.

Read More Cyber Insights 2025: OT Security
News

Researchers Find Exploit Allowing NTLMv1 Despite Active Directory Restrictions
Bys s January 16, 2025

Cybersecurity researchers have found that the Microsoft Active Directory Group Policy that’s designed to disable NT LAN Manager (NTLM) v1 can be trivially bypassed by a misconfiguration. “A simple misconfiguration in on-premise applications can override the Group Policy, effectively negating the Group Policy designed to stop NTLMv1 authentications,” Silverfort researcher Dor Segal said in a

Read More Researchers Find Exploit Allowing NTLMv1 Despite Active Directory Restrictions

Similar Posts