Research
-
Google Unveils OSS Rebuild to Enhance Open Source Security Amid Supply Chain Threats
Google has launched OSS Rebuild, a new initiative designed to bolster the security of open-source package ecosystems by providing build provenance and mitigating software supply chain attacks.
-
New Android Spyware Linked to Iranian Ministry Targets Dissidents Amid Evolving Middle East Tensions
Security researchers have uncovered four new samples of Android spyware linked to Iran’s Ministry of Intelligence, posing a significant threat to dissidents amid rising tensions with Israel. The malware, disguised as VPN apps, exploits recent geopolitical developments to surveil activists and journalists.
-
Chinese Cyber Espionage Campaign Targets Taiwanese Semiconductor Industry
Recent spear-phishing campaigns linked to Chinese state-sponsored groups are targeting Taiwan’s semiconductor industry, emphasizing the vital role of cybersecurity in this critical sector amidst escalating geopolitical tensions.
-
Cybersecurity Researchers Uncover Advanced Matanbuchus 3.0 Malware Targeting Microsoft Teams
Cybersecurity experts have identified a new variant of the Matanbuchus malware that exploits Microsoft Teams. This advanced loader has sophisticated stealth capabilities, enhancing its potential for evading detection and targeting company employees through social engineering tactics.
-
Google Issues Critical Update for Chrome to Address Exploited Security Flaw
Google has released a critical update for its Chrome browser, addressing a high-severity zero-day vulnerability that could allow remote attackers to escape the browser’s sandbox. This update comes on the heels of multiple exploited vulnerabilities earlier this year, underlining the importance of regular browser updates.
-
New Android Malware Campaign Targeting Telegram Users Uncovered
A recent study by BforeAI reveals a malware campaign deceiving Android users into downloading fake Telegram applications from hundreds of malicious domains, utilizing tactics such as QR code redirects and lookalike websites.
-
Trump Administration Allocates $1 Billion for Offensive Cyber Operations Amid Cybersecurity Budget Cuts
The Trump administration plans to invest $1 billion in offensive cyber operations through the Department of Defense, while simultaneously cutting funding for defensive cybersecurity measures. This strategy raises concerns about potential vulnerabilities and retaliatory attacks against U.S. entities.
-
New macOS Malware ZuRu Discovered Targeting Users Through Legitimate Software
Security researchers have identified a new macOS malware called ZuRu, which propagates via trojanized versions of legitimate software such as Termius. Discovered by SentinelOne, the malware adapts techniques to target users seeking trusted apps, reflecting an opportunistic threat landscape for macOS users.
-
New Espionage Group Exploits Microsoft Exchange Zero-Day Vulnerability to Target Chinese High-Tech Industries
A report reveals that the NightEagle Group, an advanced persistent threat, has exploited a zero-day vulnerability in Microsoft Exchange to extract intelligence from Chinese military and tech firms, raising concerns about cyber espionage and the implications for national security.
-
Cybersecurity Firm Uncovers 17,000 Fake News Websites Exploiting Investment Scams
CTM360 has revealed over 17,000 fake news websites exploiting users for online investment scams across 50 countries. These sites simulate credible news sources, misleading victims into fraudulent transactions.
