The Computer Emergency Response Team of Ukraine (CERT-UA) has warned of a new cyber attack campaign by the Russia-linked APT28 (aka UAC-0001) threat actors using Signal chat messages to deliver two new malware families dubbed BEARDSHELL and COVENANT. BEARDSHELL, per CERT-UA, is written in C++ and offers the ability to download and execute PowerShell scripts, […]
Category Archives: Uncategorized
The Canadian Centre for Cyber Security and the U.S. Federal Bureau of Investigation (FBI) have issued an advisory warning of cyber attacks mounted by the China-linked Salt Typhoon actors to breach major global telecommunications providers as part of a cyber espionage campaign. The attackers exploited a critical Cisco IOS XE software (CVE-2023-20198, CVSS score: 10.0) […]
Like its predecessor, SparkCat, the new malware appears to be going after sensitive data — such as seed phrases for cryptocurrency wallets — in device photo galleries. Go to Source Author: Jai Vijayan, Contributing Writer
An AI security researcher has developed a proof of concept that uses subtle, seemingly benign prompts to get GPT and Gemini to generate inappropriate content. Go to Source Author: Alexander Culafi, Senior News Writer, Dark Reading
After President’s Trump decision to enter the US into the conflict in the Middle East, the Department of Homeland Security expects there to be an uptick in Iranian hacktivists and state-sponsored actors targeting US systems. Go to Source Author: Kristina Beek, Associate Editor, Dark Reading
Cybersecurity researchers are calling attention to a new jailbreaking method called Echo Chamber that could be leveraged to trick popular large language models (LLMs) into generating undesirable responses, irrespective of the safeguards put in place. “Unlike traditional jailbreaks that rely on adversarial phrasing or character obfuscation, Echo Chamber weaponizes indirect references, semantic Go to Source […]
The United States government has warned of cyber attacks mounted by pro-Iranian groups after it launched airstrikes on Iranian nuclear sites as part of the Iran–Israel war that commenced on June 13, 2025. Stating that the ongoing conflict has created a “heightened threat environment” in the country, the Department of Homeland Security (DHS) said in […]
The attack is similar to previous campaigns by an actor called Commando Cat to use misconfigured APIs to compromise containers and deploy cryptocurrency miners. Go to Source Author: Elizabeth Montalbano, Contributing Writer
In a market where security budgets flatten while threats accelerate, improving analyst throughput is fiscal stewardship. Go to Source Author: Erik Willie
Cybersecurity researchers have uncovered a Go-based malware called XDigo that has been used in attacks targeting Eastern European governmental entities in March 2025. The attack chains are said to have leveraged a collection of Windows shortcut (LNK) files as part of a multi-stage procedure to deploy the malware, French cybersecurity company HarfangLab said. XDSpy is […]