-
A global ad fraud and click fraud operation, dubbed SlopAds, comprising 224 Android apps that collectively amassed more than 38 million downloads across 228 countries and territories. Under the guise of AI-themed utilities, these apps employ advanced o…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Conor Brian Fitzpatrick, the 22-year-old founder of BreachForums, has been resentenced to three years in federal prison for operating one of the world’s largest cybercriminal marketplaces. The New York resident was sentenced on September 16, 2025, for creating and administering a platform that facilitated the sale of stolen data and harbored child sexual abuse material […] The post World’s Largest Hacking Forum BreachForums Creator Sentenced to Three Years in Prison appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Two cybersecurity industry leaders have made significant announcements regarding their participation in the upcoming MITRE ATT&CK Evaluations, marking a notable shift in how major security vendors approach independent testing validation. Diagram il…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Microsoft’s Digital Crimes Unit (DCU) has seized control of 338 websites facilitating RaccoonO365, the rapidly expanding phishing-as-a-service platform that enables anyone to harvest Microsoft 365 credentials. Acting under a court order from the Southe…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Conor Brian Fitzpatrick, the founder and operator of BreachForums, has been resentenced to three more years in prison after a federal appeals court vacated his earlier light sentence. Authorities say Fitzpatrick created and ran one of the world’s large…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Malicious advertising campaigns have surged in sophistication, with cybercriminals exploiting and even operating adtech firms to deliver malware, credential stealers and phishing schemes directly through mainstream ad networks. A cluster of interconnec…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A threat actor who gained initial access through a SonicWall VPN device was able to escalate their attack by finding Huntress recovery codes saved in a plaintext file on a user’s desktop. This allowed the attacker to log into the client’s security portal, where they attempted to remediate incident reports and uninstall security agents to […] The post How a Plaintext File On Users’ Desktops Exposed Secrets Leads to Akira Ransomware Attacks appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A recently disclosed vulnerability in the Kubernetes C# client library allows attackers to carry out man-in-the-middle (MiTM) attacks against the API server. The flaw stems from improper certificate validation when using custom certificate authorities …
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The developers behind the PureHVNC remote access trojan (RAT) have been uncovered using GitHub repositories to host critical components and plugin source code for their Pure malware family. Check Point Research’s recent forensic analysis of an eight-da…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A denial-of-service flaw in the Linux kernel’s KSMBD (SMB Direct) subsystem has raised alarms across the open-source community. Tracked as CVE-2025-38501, the issue allows a remote, unauthenticated adversary to exhaust all available SMB connections by exploiting the kernel’s handling of half-open TCP sessions. Key Takeaways1. CVE-2025-38501 lets attackers exhaust KSMBD connections via half-open TCP handshakes.2. […] The post Linux Kernel’s KSMBD Subsystem Vulnerability Let Remote Attackers Exhaust Server Resources appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
