SentinelOne researchers have attributed recent cyberattacks involving the ShadowPad and PurpleHaze malware families to China-aligned threat actors, the company said. The cybersecurity firm’s analysis established the link with what it described as “high confidence,” signaling an escalation in the attribution of sophisticated cyber campaigns targeting global networks. ShadowPad, a modular backdoor framework, and PurpleHaze, a […]
OpenAI has dismantled ten covert influence operations leveraging its artificial intelligence tools, linking the campaigns to state-affiliated actors in China, Russia, Iran and North Korea. The takedowns mark a significant move in the company’s efforts to combat the misuse of generative AI technologies for geopolitical manipulation. According to a report published by Hackread, the terminated […]
A rare cryptomining malware campaign dubbed “Werewolf” has compromised hundreds of devices across Russia, with additional infections reported in Belarus and Kazakhstan. The attacks have primarily targeted industrial enterprises and engineering schools, posing potential risks to critical infrastructure and educational institutions in the region. The malware, designed to hijack computing resources for unauthorized cryptocurrency mining, […]
Honeywell unveiled a new suite of artificial intelligence-powered cybersecurity tools aimed at strengthening operational technology (OT) environments and supporting the transition toward industrial autonomy. The tools are designed to accelerate autonomous operations by enhancing cyber resilience across critical infrastructure and manufacturing systems, according to a company announcement. The AI-driven solutions are tailored for industrial sectors […]
Israel-based spyware vendor Paragon has severed ties with the Italian government following a dispute over an investigation into a cyber intrusion involving a journalist’s phone. The company had offered to assist in an audit to determine whether its technology was used in the alleged hack of journalist Francesco Cancellato’s device. However, Italian authorities declined the […]
A limited set of Canva creator data has been uncovered in a newly leaked database associated with Chroma, a Russian-operated AI chatbot project, according to cybersecurity reporting by Hackread. The exposed data was discovered among files linked to the Chroma platform, which is believed to be used for collecting and processing online information to enhance […]
Microsoft is warning users of a critical vulnerability in Outlook that could allow attackers to execute arbitrary code remotely, despite requiring local access to initiate. Tracked as CVE-2025-47176, the flaw was disclosed on June 10 with a CVSS score of 7.8, rated “Important.” The vulnerability stems from a path traversal issue involving ‘…/…//’ sequences, allowing […]
Interpol has dismantled a major cybercrime operation targeting victims in Asia, taking down 20,000 IP addresses and arresting 32 individuals involved in distributing infostealer malware. The crackdown, conducted under the banner of Operation Secure, aimed to disrupt the infrastructure supporting these malicious campaigns. Infostealer malware is designed to harvest sensitive personal and financial data from […]
A newly discovered cyberattack method, known as “SmartAttack,” leverages smartwatches to exfiltrate sensitive data from air-gapped systems, according to findings reported this week. The technique employs the built-in sensors of smartwatches to receive covert ultrasonic signals emitted by compromised devices within isolated environments. These air-gapped systems, typically disconnected from external networks for enhanced security, are […]
More than 40,000 internet-connected security cameras have been found exposed online, raising concerns over potential espionage, data breaches and privacy violations, according to a report from SC World. The vulnerable devices, lacking adequate protection, could allow unauthorized parties to monitor sensitive areas including data centers, corporate offices, retail locations and private homes. The exposure of […]
Salesforce has patched five software bugs after a series of issues were reported, the customer relationship management (CRM) provider confirmed. The company said it addressed the vulnerabilities internally and emphasized that the remaining 16 reported concerns were the result of customer-side misconfigurations, not flaws in its platform. The disclosure follows heightened scrutiny of cloud application […]
Former affiliates of the Black Basta ransomware group have resurfaced with renewed cyberattack strategies, leveraging familiar and emerging techniques to breach corporate networks, according to a report by ReliaQuest. The attackers continue to rely on email bombing and phishing lures delivered through Microsoft Teams — methods previously linked to their operations — to gain initial […]