SecurityHungry.com - Cybersecurity News and Updates
Mustang Panda Deploys SnakeDisk USB Worm to Deliver Yokai Backdoor on Thailand IPs
The China-aligned threat actor known as Mustang Panda has been observed using an updated version of a backdoor called TONESHELL and a previously undocumented USB worm called SnakeDisk. "The worm only executes on devices with Thailand-based IP addresses and drops the Yokai backdoor," IBM X-Force researchers Golo Mühr and Joshua Chung said in an analysis published last week. The tech giant's
OpenAI's new GPT-5 Codex model takes on Claude Code
OpenAI is rolling out the GPT-5 Codex model to all Codex instances, including Terminal, IDE extension, and Codex Web (codex.chatgpt.com). [...]
KillSec Ransomware Hits Brazilian Healthcare Software Provider
The ransomware gang breached a "major element" of the healthcare technology supply chain and stole sensitive patient data, according to researchers.
FBI Warns of Threat Actors Hitting Salesforce Customers
The FBI's IC3 recently warned of two threat actors, UNC6040 and UNC6395, targeting Salesforce customers, separately and in tandem.
689,000 Affected by Insider Breach at FinWise Bank
A former FinWise employee gained access to American First Finance customer information.
Zero Trust Is 15 Years Old — Why Full Adoption Is Worth the Struggle
Fifteen years after its debut, Zero Trust remains the gold standard in cybersecurity theory — but its uneven implementation leaves organizations both stronger and dangerously exposed.
6 Browser-Based Attacks Security Teams Need to Prepare For Right Now
Attacks that target users in their web browsers have seen an unprecedented rise in recent years. In this article, we’ll explore what a “browser-based attack” is, and why they’re proving to be so effective. What is a browser-based attack? First, it’s important to establish what a browser-based attack is. In most scenarios, attackers don’t think of themselves as attacking your web browser.
⚡ Weekly Recap: Bootkit Malware, AI-Powered Attacks, Supply Chain Breaches, Zero-Days & More
In a world where threats are persistent, the modern CISO’s real job isn't just to secure technology—it's to preserve institutional trust and ensure business continuity. This week, we saw a clear pattern: adversaries are targeting the complex relationships that hold businesses together, from supply chains to strategic partnerships. With new regulations and the rise of AI-driven attacks, the
Google confirms fraudulent account created in law enforcement portal
Google has confirmed that hackers created a fraudulent account in its Law Enforcement Request System (LERS) platform that law enforcement uses to submit official data requests to the company [...]
Google confirms hackers gained access to law enforcement portal
Google has confirmed that hackers created a fraudulent account in its Law Enforcement Request System (LERS) platform that law enforcement uses to submit official data requests to the company [...]
Silent Push Raises $10 Million for Threat Intelligence Platform
Silent Push, which provides Indicators of Future Attack, has raised a total of $32 million in funding.
FinWise insider breach impacts 689K American First Finance customers
FinWise Bank is warning on behalf of corporate customers that it suffered a data breach after a former employee accessed sensitive files after the end of their employment. [...]
New Phoenix attack bypasses Rowhammer defenses in DDR5 memory
Academic researchers have devised a new variant of Rowhammer attacks that bypass the latest protection mechanisms on DDR5 memory chips from SK Hynix. [...]
Building Resilient IT Infrastructure From the Start
CISA's Secure by Design planted a flag. Now, it's on those who care about safeguarding systems to pick up the torch and take action to secure systems throughout the enterprise.
Terra Security Raises $30 Million for AI Penetration Testing Platform
The Israeli cybersecurity startup plans to expand its offensive security offering to cover more enterprise attack surface.
Microsoft: Exchange 2016 and 2019 reach end of support in 30 days
Microsoft has reminded administrators again that Exchange 2016 and Exchange 2019 will reach the end of extended support next month and has provided guidance for decommissioning outdated servers. [...]
AI-Powered Villager Pen Testing Tool Hits 11,000 PyPI Downloads Amid Abuse Concerns
A new artificial intelligence (AI)-powered penetration testing tool linked to a China-based company has attracted nearly 11,000 downloads on the Python Package Index (PyPI) repository, raising concerns that it could be repurposed by cybercriminals for malicious purposes. Dubbed Villager, the framework is assessed to be the work of Cyberspike, which has positioned the tools as a red teaming
Microsoft to force install the Microsoft 365 Copilot app in October
Next month, Microsoft will begin automatically installing the Microsoft 365 Copilot app on Windows devices outside of the EEA region that have the Microsoft 365 desktop client apps. [...]
HiddenGh0st, Winos and kkRAT Exploit SEO, GitHub Pages in Chinese Malware Attacks
Chinese-speaking users are the target of a search engine optimization (SEO) poisoning campaign that uses fake software sites to distribute malware. "The attackers manipulated search rankings with SEO plugins and registered lookalike domains that closely mimicked legitimate software sites," Fortinet FortiGuard Labs researcher Pei Han Liao said. "By using convincing language and small character
FBI Shares IoCs for Recent Salesforce Intrusion Campaigns
The cybercrime groups tracked as UNC6040 and UNC6395 have been extorting organizations after stealing data from their Salesforce instances.