-
Sekoia.io’s Threat Detection and Response (TDR) team has uncovered a sophisticated campaign by APT28 that weaponizes Signal Messenger to deploy two previously undocumented malware families—BeardShell and the Covenant framework. In early 2025, a trusted…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A new supply chain attack has compromised multiple npm packages maintained by the crowdstrike-publisher account, marking a worrying continuation of the so-called “Shai-Halud attack.” Developers and organizations using these packages should take immedia…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A major data breach at American First Finance, LLC has exposed sensitive information for nearly 700,000 customers. The breach, which occurred on May 31, 2024, was discovered over a year later on June 18, 2025. An ex-employee of the financial services f…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A critical vulnerability has been discovered in LG’s WebOS for smart TVs, allowing an attacker on the same local network to bypass authentication mechanisms and achieve full control over the device. The flaw, which affects models like the LG WebOS 43UT8050, enables unauthenticated attackers to gain root access, install malicious applications, and completely compromise the […] The post LG WebOS TV Vulnerability Let Attackers Bypass Authentication and Enable Full Device Takeover appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Late in the summer of 2025, cybersecurity researchers uncovered a sophisticated spearphishing campaign targeting Ukrainian military personnel via the Signal messaging platform. The operation, dubbed “Phantom Net Voxel,” begins with a malicious Office document sent through private Signal chats, masquerading as urgent administrative forms or compensation requests. Upon opening, the document’s embedded macros drop a […] The post New APT28 Attack Via Signal Messenger Delivers BeardShell and Covenant Malware appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Luxury retail giant Kering has confirmed a major data breach affecting its top fashion houses, including Gucci, Balenciaga, and Alexander McQueen. The cybercriminal group known as Shiny Hunters claims to have stolen private details tied to as many as 7…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A critical authentication bypass vulnerability in the Case Theme User WordPress plugin has emerged as a significant security threat, allowing unauthenticated attackers to gain administrative access to websites by exploiting the social login functionality. The vulnerability, tracked as CVE-2025-5821 with a CVSS score of 9.8, affects all versions of the plugin up to 1.0.3 and […] The post WordPress Plugin Vulnerability Let Attackers Bypass Authentication via Social Login appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
An ongoing supply chain attack has compromised multiple npm packages published by CrowdStrike, extending a malicious campaign known as the “Shai-Halud attack.” The incident, which involves the same malware previously used to target the popular tinycolor package, highlights the persistent threat of supply chain vulnerabilities within the open-source ecosystem. The npm registry acted swiftly to […] The post CrowdStrike npm Packages Compromised in Ongoing Supply Chain Attack appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
In recent months, threat actors have begun exploiting the Model Context Protocol (MCP)—a universal “plug-in bus” designed to streamline AI-assistant integrations—as a novel supply chain attack vector. MCP servers allow AI assistants and development tools to translate natural-language requests into executable commands, but this convenience comes at a steep price: unvetted MCP servers can run […] The post Threat Actors Can Weaponize MCP Servers To Harvests Sensitive Data appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
As more companies move their critical systems and data to Amazon Web Services (AWS), attackers are finding new ways to stay hidden inside cloud environments. AWSDoor is a tool designed to simplify and automate persistence techniques in AWS. Persistence…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
