Latest news as of 4/21/2025, 1:06:09 AM
Bleeping Computer
Swiss cybersecurity firm Prodaft has launched a new initiative called 'Sell your Source' where the company purchases verified and aged accounts on cybercrime forums to conduct threat intelligence operations. [...]
The Register
What's the goal here, Homeland Insecurity or something? As drastic cuts to the US govt's Cybersecurity and Infrastructure Security Agency loom, Rep Eric Swalwell (D-CA), the ranking member of the House's cybersecurity subcommittee, has demanded that CISA brief the subcommittee "prior to any significant changes to CISA's workforce or organizational structure."…
Bleeping Computer
The CA/Browser Forum has voted to significantly reduce the lifespan of SSL/TLS certificates over the next 4 years, with a final lifespan of just 47 days starting in 2029. [...]
Dark Reading
A threat actor posted about the zero-day exploit on the same day that Fortinet published a warning about known vulnerabilities under active exploitation.
Dark Reading
Blind spots in network visibility, including in firewalls, IoT devices, and the cloud, are being exploited by Chinese state-backed threat actors with increasing success, according to new threat intelligence. Here's how experts say you can get eyes on it all.
Bleeping Computer
A new remote access trojan (RAT) called 'ResolverRAT' is being used against organizations globally, with the malware used in recent attacks targeting the healthcare and pharmaceutical sectors. [...]
The Hacker News
Cybersecurity researchers have discovered a new, sophisticated remote access trojan called ResolverRAT that has been observed in attacks targeting healthcare and pharmaceutical sectors. "The threat actor leverages fear-based lures delivered via phishing emails, designed to pressure recipients into clicking a malicious link," Morphisec Labs researcher Nadav Lorber said in a report shared with The
Check Point Research
Research by: hasherezade Key Points Introduction Process injection is one of the important techniques used by attackers. We can find its variants implemented in almost every malware. It serves purposes such as: In our previous blog on process injections we explained the foundations of this topic and basic ideas behind detection and prevention. We also proposed a new technique dubbed Thread […] The post appeared first on . Waiting Thread Hijacking: A Stealthier Version of Thread Execution Hijacking Check Point Research
Bleeping Computer
Meta announced today that it will soon start training its artificial intelligence models using content shared by European adult users on its Facebook and Instagram social media platforms. [...]
Dark Reading
A new infostealer on the market is making big waves globally, replacing Lumma et al. in attacks and employing so many stealth, persistence, and anti-analysis tricks that it's downright difficult to count them all.