iframe Security Exposed: The Blind Spot Fueling Payment Skimmer Attacks

24/09/2025 0 Comments 0 tags

Think payment iframes are secure by design? Think again. Sophisticated attackers have quietly evolved malicious overlay techniques to exploit checkout pages and steal credit card data by bypassing the very

New YiBackdoor Malware Shares Major Code Overlaps with IcedID and Latrodectus

24/09/2025 0 Comments 0 tags

Cybersecurity researchers have disclosed details of a new malware family dubbed YiBackdoor that has been found to share “significant” source code overlaps with IcedID and Latrodectus. “The exact connection to

How One Bad Password Ended a 158-Year-Old Business

24/09/2025 0 Comments 0 tags

Most businesses don’t make it past their fifth birthday – studies show that roughly 50% of small businesses fail within the first five years. So when KNP Logistics Group (formerly Knights of

State-Sponsored Hackers Exploiting Libraesva Email Security Gateway Vulnerability

24/09/2025 0 Comments 0 tags

Libraesva has released a security update to address a vulnerability in its Email Security Gateway (ESG) solution that it said has been exploited by state-sponsored threat actors. The vulnerability, tracked

Hackers Exploit Pandoc CVE-2025-51591 to Target AWS IMDS and Steal EC2 IAM Credentials

24/09/2025 0 Comments 0 tags

Cloud security company Wiz has revealed that it uncovered in-the-wild exploitation of a security flaw in a Linux utility called Pandoc as part of attacks designed to infiltrate Amazon Web

Two New Supermicro BMC Bugs Allow Malicious Firmware to Evade Root of Trust Security

23/09/2025 0 Comments 0 tags

Cybersecurity researchers have disclosed details of two security vulnerabilities impacting Supermicro Baseboard Management Controller (BMC) firmware that could potentially allow attackers to bypass crucial verification steps and update the system

Eurojust Arrests 5 in €100M Cryptocurrency Investment Fraud Spanning 23 Countries

23/09/2025 0 Comments 0 tags

Law enforcement authorities in Europe have arrested five suspects in connection with an “elaborate” online investment fraud scheme that stole more than €100 million ($118 million) from over 100 victims

U.S. Secret Service Seizes 300 SIM Servers, 100K Cards Threatening U.S. Officials Near UN

23/09/2025 0 Comments 0 tags

The U.S. Secret Service on Tuesday said it took down a network of electronic devices located across the New York tri-state area that were used to threaten U.S. government officials

SolarWinds Releases Hotfix for Critical CVE-2025-26399 Remote Code Execution Flaw

23/09/2025 0 Comments 0 tags

SolarWinds has released hot fixes to address a critical security flaw impacting its Web Help Desk software that, if successfully exploited, could allow attackers to execute arbitrary commands on susceptible

ShadowV2 Botnet Exploits Misconfigured AWS Docker Containers for DDoS-for-Hire Service

23/09/2025 0 Comments 0 tags

Cybersecurity researchers have disclosed details of a new botnet that customers can rent access to conduct distributed denial-of-service (DDoS) attacks against targets of interest. The ShadowV2 botnet, according to Darktrace,