isecnews_n8n
-
New Tool ‘Defendnot’ Manipulates Windows Security to Disable Microsoft Defender
The newly developed tool ‘Defendnot’ exploits a Windows Security API to disable Microsoft Defender by masquerading as a fake antivirus product, raising significant security concerns about system manipulations.
-
New Python Backdoor Discovered, Linked to Pro-Ukraine Hackers
ReversingLabs has revealed a new malicious Python package, dbgpkg, designed to create backdoors on developers’ systems, suspected to be linked to a pro-Ukraine hacktivist group targeting Russian interests.
-
Broadcom Faces Data Theft Following Ransomware Attack on Payroll Partner
Broadcom has confirmed a data theft incident following a ransomware attack on its former payroll partner, Business Systems House. The breach affects sensitive employee data, prompting investigations and heightened security measures.
-
Australian Human Rights Commission Reports Data Breach Affecting Sensitive Personal Information
The Australian Human Rights Commission (AHRC) revealed a data breach that exposed sensitive personal information submitted through its online complaint forms, affecting approximately 670 documents. The commission has initiated an investigation and implemented measures to contain the issue.
-
Google Fixes High-Severity Chrome Vulnerability Amid Ongoing Attacks
Google has fixed a critical vulnerability in Chrome, CVE-2025-4664, being actively exploited by attackers. CISA’s inclusion of this flaw in its known exploited vulnerabilities list underscores urgent calls for browser updates among federal agencies and private organizations alike.
-
FBI Alerts of Deepfake Fraud Campaign Targeting US Officials
The FBI has warned of a fraud campaign using deepfake technology to impersonate U.S. officials, aiming to extract sensitive login information from targets. The agency advises vigilance and verification of communications to prevent falling victim to these sophisticated scams.
-
Critical SAP NetWeaver Vulnerability Targeted by Ransomware and APT Groups
Ransomware and Chinese APT groups are exploiting a critical vulnerability in SAP’s NetWeaver, identified as CVE-2025-31324, which has a CVSS score of 10, enabling attackers to execute remote code without authentication.
-
Nova Scotia Power Confirms Data Breach Affecting Customer Information
Nova Scotia Power has confirmed a significant data breach impacting customer information, with the utility offering credit monitoring services to affected individuals.
-
Russian Hackers Exploit Old Vulnerabilities to Target Global Mail Servers
Security firm ESET reports that hackers, likely linked to the Russian government, have exploited long-standing cross-site scripting vulnerabilities to breach multiple high-value mail servers globally, with significant implications for defense contractors in Eastern Europe.
-
Cybersecurity Experts Uncover New PowerShell Attack Leveraging Remcos RAT
Qualys Threat Research Unit reveals a new cyberattack method leveraging PowerShell to deploy Remcos RAT on systems, allowing hackers to operate undetected and carry out unauthorized surveillance and data theft.
