Security News

Infosec experts fear China could retaliate against tariffs with a Typhoon attack
2025-04-10 11:00

Scammers are already cashing in with fake invoices for import costs World War Fee As the trade war between America and China escalates, some infosec and policy experts fear Beijing will strike...

Who's calling? The threat of AI-powered vishing attacks
2025-04-09 14:07

AI is making voice phishing (vishing) more dangerous than ever, with scammers cloning voices in seconds to trick employees into handing over their credentials. Learn how to defend your...

New TCESB Malware Found in Active Attacks Exploiting ESET Security Scanner
2025-04-09 11:38

A Chinese-affiliated threat actor known for its cyber-attacks in Asia has been observed exploiting a security flaw in security software from ESET to deliver a previously undocumented malware...

CISA Warns of CentreStack's Hard-Coded MachineKey Vulnerability Enabling RCE Attacks
2025-04-09 08:00

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added a critical security flaw impacting Gladinet CentreStack to its Known Exploited Vulnerabilities (KEV) catalog,...

That massive GitHub supply chain attack? It all started with a stolen SpotBugs token
2025-04-07 20:11

But this mystery isn't over yet, Unit 42 opines That massive GitHub supply chain attack that spilled secrets from countless projects? It traces back to a stolen token from a SpotBugs workflow -...

Google fixes Android zero-days exploited in attacks, 60 other flaws
2025-04-07 17:55

Google has released patches for 62 vulnerabilities in Android's April 2025 security update, including two zero-days exploited in targeted attacks. [...]

PoisonSeed Exploits CRM Accounts to Launch Cryptocurrency Seed Phrase Poisoning Attacks
2025-04-07 07:29

A malicious campaign dubbed PoisonSeed is leveraging compromised credentials associated with customer relationship management (CRM) tools and bulk email providers to send spam messages containing...

The rise of compromised LLM attacks
2025-04-07 04:00

In this Help Net Security video, Sohrob Kazerounian, Distinguished AI Researcher at Vectra AI, discusses how the ongoing rapid adoption of LLM-based applications has already introduced new...

Australian pension funds hit by wave of credential stuffing attacks
2025-04-04 16:12

Over the weekend, a massive wave of credential stuffing attacks hit multiple large Australian super funds, compromising thousands of members' accounts. [...]

DDoS Attacks Now Key Weapons in Geopolitical Conflicts, NETSCOUT Warns
2025-04-04 16:04

Hackers now use AI and botnets to launch powerful DDoS attacks, bypassing security and overwhelming servers as law enforcement struggles to keep up.