-
Commercial surveillance vendors have evolved from niche technology suppliers into a sophisticated multi-billion-dollar ecosystem that poses unprecedented threats to journalists, activists, and civil society members worldwide. A comprehensive new report by Sekoia.io’s Threat Detection & Research team reveals how these private companies have industrialized spyware deployment, transforming targeted surveillance from isolated technical components into fully […] The post New Report on Commercial Spyware Vendors Detailing Their Targets and Infection Chains appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A sophisticated spear-phishing campaign orchestrated by Iranian-aligned operators has been identified targeting diplomatic missions worldwide through a compromised Ministry of Foreign Affairs of Oman mailbox. The attack, discovered in August 2025, represents a continuation of tactics associated with the Homeland Justice group connected to Iran’s Ministry of Intelligence and Security (MOIS). The campaign leveraged social […] The post Iran-Nexus Hackers Abuses Omani Mailbox to Target Global Governments appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
When you’re in a SOC, speed is everything. The earlier you detect and confirm an intrusion, the faster you can contain it, and the less damage it does to your organization. But raw indicators of compromise (IOCs) like hashes, IPs, or domains often fall short on their own. They raise a flag, but without context, […] The post How IOC Feeds Streamline Incident Response and Threat Hunting for Best SOC Teams appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A sophisticated network of Ukrainian-based autonomous systems has emerged as a significant cybersecurity threat, orchestrating large-scale brute-force and password-spraying attacks against SSL VPN and RDP infrastructure. Between June and July 2025, these malicious networks launched hundreds of thousands of coordinated attacks over periods lasting up to three days, targeting critical enterprise remote access systems. The […] The post Ukrainian Networks Launch Massive Brute-Force and Password-Spraying Campaigns Targeting SSL VPN and RDP Systems appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Luxury automaker Jaguar Land Rover (JLR) has been forced to halt production at its Halewood plant and shut down its global IT infrastructure following a significant cybersecurity incident. The breach, which was first reported on Monday, September 1, has led to a widespread operational crisis, with the company taking immediate action to mitigate the attack’s […] The post Jaguar Land Rover Confirms Cybersecurity Incident Impacts Global IT Systems appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A newly discovered WhatsApp scam has begun circulating on messaging platforms, exploiting the popular device linking feature to seize full control of user accounts. The attack unfolds when recipients receive what appears to be a harmless message from a known contact, typically stating “Hi, I accidentally found your photo!” accompanied by a shortened URL. Once […] The post New WhatsApp Scam Alert Tricks Users to Get Complete Access to Your WhatsApp Chats appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A critical authentication bypass flaw in ESPHome’s ESP-IDF web server component allows unauthorized users on the same local network to access and control smart devices without any valid credentials. Discovered and reported by security researcher jesser…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Cybersecurity vendor Palo Alto Networks disclosed that its Salesforce environment was breached through a compromised Salesloft Drift integration, marking the latest in a series of supply chain attacks targeting customer relationship management platform…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Google has firmly rejected widespread reports suggesting it issued a global security alert to its 2.5 billion Gmail users, calling such claims “entirely false”. The tech giant moved swiftly to clarify the situation after viral headlines spa…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A newly discovered spearphishing campaign is targeting executives and senior leadership across multiple industries by exploiting trusted OneDrive document‐sharing notifications. The Stripe OLT SOC has identified this sophisticated attack, which leverag…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
