Information Security

Global Malvertising Campaign Exploits Trusted Software Installers

A major malvertising operation known as TamperedChef is tricking users worldwide into installing malware disguised as legitimate software installers. According to Acronis Threat Research Unit (TRU), attackers are deploying fake versions of common tools to establish persistent access and deliver a JavaScript-based backdoor for remote control. The campaign remains active, supported by search engine manipulation, fake ads, and abused digital certificates—all intended to boost credibility and evade security detection.

Cloudflare Outage Disrupts Major Websites Worldwide

A global Cloudflare outage briefly impacted access to major websites and online services on Tuesday, causing intermittent failures across platforms including OpenAI, Spotify, X (formerly Twitter), and numerous telecom and media sites. Users reported that pages either would not load or lacked key content, and even Downdetector—which tracks service disruptions—became temporarily unavailable. Cloudflare acknowledged the issue and began gradually restoring service approximately three hours after the problem began.

New ChatGPT Vulnerabilities Expose Risks of Prompt Injection Attacks

Cybersecurity researchers at Tenable have uncovered seven vulnerabilities in OpenAI’s ChatGPT, specifically affecting its GPT-4o and GPT-5 models. These flaws could allow attackers to steal personal data from users’ memories and chat histories without their knowledge. OpenAI has since patched several of the issues, which were found to make the chatbot susceptible to indirect prompt injection attacks—a manipulation technique that tricks large language models into executing hidden or malicious commands.

Researchers Uncover Critical “Tainted Memories” Flaw in OpenAI’s ChatGPT Atlas Browser

Cybersecurity firm LayerX Security has discovered a serious vulnerability in OpenAI’s new ChatGPT Atlas browser that could allow attackers to inject malicious instructions directly into a user’s ChatGPT memory. Dubbed “ChatGPT Tainted Memories,” the flaw enables remote code execution and account compromise without user awareness.

Chinese Threat Actors Harness AI to Launch Autonomous Cyber Attacks

In mid-September 2025, state-sponsored cyber actors from China exploited Anthropic’s AI technology, specifically Claude Code, to orchestrate automated attacks on roughly 30 high-value global targets, including tech firms, financial institutions, chemical manufacturers, and government agencies.

European Authorities Dismantle €600 Million Crypto Fraud Network

A major international investigation led by Eurojust, the European Union’s judicial cooperation agency, has resulted in the arrest of nine individuals accused of running a large-scale cryptocurrency investment scam. The operation, supported by prosecutors from France, Belgium, Spain, Germany, and Cyprus, targeted a network allegedly behind a series of fake crypto investment websites.

Lazarus-linked actors target Web3 and blockchain with “GhostCall” and “GhostHire”

Security researchers say a North Korea–linked Lazarus sub-group (known as BlueNoroff and by multiple APT aliases) is running twin campaigns — GhostCall and GhostHire — aimed at the Web3 and blockchain ecosystem.

Practical Steps to Helping Your Business Avoid or Survive a Ransomware Attack

Running a business today can be likened to trying to navigate a digital minefield. You know there are dangers all around, but knowing where they are and how to avoid them is rarely an easy task.

Kaspersky Uncovers ‘Dante’ Spyware in Global Espionage Campaign

Kaspersky researchers have exposed Operation ForumTroll, a cyber-espionage campaign using “Dante,” a new spyware tool developed by Memento Labs, the rebranded successor of the infamous Hacking Team.

Attackers Exploit Internal OAuth Apps to Maintain Stealthy Cloud Access

Cybercriminals are increasingly abusing internal OAuth-based applications to gain long-term access to enterprise cloud environments, according to new research from Proofpoint. These malicious applications can remain undetected for extended periods, allowing attackers to retain access to high-privileged accounts even after password resets or multi-factor authentication (MFA) enforcement. Because OAuth tokens authorize access without requiring credentials, they offer a covert way for attackers to persist inside compromised systems.

Cl0p Ransomware Group Claims Oracle E-Business Suite Attacks Impacting Nearly 30 Organizations

Cybercriminals have allegedly targeted almost 30 organizations in a coordinated campaign exploiting Oracle’s E-Business Suite (EBS) enterprise resource planning software. The operation, which began in late September, involved extortion emails sent to senior executives and is believed to be the work of the financially motivated threat group known as FIN11.

Cybercriminals Target Trucking Firms with Remote Access Tools to Steal Cargo

Cybercriminals are increasingly targeting trucking and logistics companies with remote monitoring and management (RMM) software to infiltrate systems, gain control, and ultimately steal physical freight, according to Proofpoint. The threat group, active since mid-2025, appears to be working with organized crime networks to bid on and divert legitimate shipments—most often food and beverage cargo that is later sold online or shipped overseas.

Invoicely Data Leak Exposes Nearly 180,000 Sensitive Business and Personal Records

A massive data exposure linked to the invoicing and billing platform Invoicely left nearly 180,000 private files accessible online without password protection or encryption.
