Cyber Security News, Latest Updates and Recent Announcements on Techminis

A naukri.com initiative

New

Home

Cyber Security News

Wired

144

Image Credit: Wired

RFK Jr. Orders HHS to Give Undocumented Migrants’ Medicaid Data to DHS

Protests against the Trump administration, including military involvement in LA, Predator drones flying over LA, self-driving taxis used for surveillance, and DIY alert systems for ICE raids by the undocumented community.
Concerns about data privacy with revelations about sharing domestic US flight data with CBP, Apple's AI strategy prioritizing privacy, and a bug allowing access to Google account phone numbers.
RFK Jr. orders HHS to provide undocumented migrants' Medicaid data to DHS, raising legal concerns and erosion of public trust.
Italian journalists hacked with Israeli spyware, Ukrainian hack into Russian aerospace company Tupolev, and international law enforcement takedown of infostealer infrastructure.
Meta sues a nudify app for advertising on Instagram, aiming for a crackdown on deepfake apps.

Read Full Article

8 Likes

Securityaffairs

Image Credit: Securityaffairs

Palo Alto Networks fixed multiple privilege escalation flaws

Palo Alto Networks addressed multiple privilege escalation vulnerabilities and integrated the latest Chrome security patches into its products.
The company fixed seven privilege escalation flaws and patched CVE-2025-4233, a cache vulnerability impacting the Prisma Access Browser.
The most severe vulnerability, CVE-2025-4232, allows authenticated code injection through wildcard on macOS with a CVSS score of 7.1.
A vulnerability in the log collection feature of GlobalProtect app on macOS allows non-admin users to escalate privileges to root.
Palo Alto Networks also addressed a PAN-OS Authenticated Admin Command Injection Vulnerability (CVE-2025-4231) affecting the Management Web Interface.
The company fixed a PAN-OS flaw (CVE-2025-4228) exposing unencrypted SD-WAN data and a Cortex XDR Broker VM bug allowing attackers to escalate privileges to root.
Palo Alto Networks is not aware of any attacks exploiting these vulnerabilities in the wild.

Read Full Article

2 Likes

Dev

Image Credit: Dev

A Guide to Phishing Websites and Malicious Link Checkers

Phishing websites impersonate legitimate platforms to deceive users into disclosing sensitive information like usernames and passwords.
Common tactics include URL spoofing, fake HTTPS, and social engineering to distribute malicious links via email or social media.
Risks associated with malicious links include credential theft, malware infections, and privacy breaches.
Ways to spot suspicious links involve checking domains, inspecting SSL certificates, unshortening URLs, and watching for red flags like typos or poor design.
Malicious link checkers work by comparing URLs against threat databases, sandbox analysis, and reputation scoring.
Free malicious link checkers include VirusTotal, Google Safe Browsing Transparency Report, ScyScan, Sucuri SiteCheck, and PhishTank.
Best practices for protection include using DNS filtering, enabling multi-factor authentication, conducting regular security training, and implementing real-time monitoring with SIEM tools.

Read Full Article

3 Likes

TechJuice

159

Image Credit: TechJuice

Over 269,000 Websites Infected in Massive JSFireTruck Malware Attack

A massive cyber campaign has infected over 269,000 websites with JSFireTruck malware, posing a global threat.
Palo Alto Networks Unit 42 detected a surge in JavaScript infections between March 26 and April 25, 2025.
JSFireTruck malware leverages obfuscated JavaScript code, impacting numerous legitimate websites.
The injected script redirects users arriving from search engines to malicious destinations.
The attack is linked to the HelloTDS traffic distribution service, using multi-layered infrastructure.
JSFireTruck and HelloTDS blend stealth with scale, complicating detection and defense efforts.
Any user visiting compromised sites via search engines could be at risk of redirection.
Webmasters are advised to scan for obfuscated JavaScript, while users can use adblockers or script-blocking plugins for protection.
Regularly updating security tools and staying informed on cybersecurity alerts is essential to mitigate the JSFireTruck threat.

Read Full Article

9 Likes

Discover more

Medium

266

Image Credit: Medium

Ghosts in the Network: What Your Digital Footprint Reveals?

Your digital footprint, or digital shadow, is the invisible track you leave behind when using the internet, becoming a detailed personality sketch.
Technology companies track your habits, predicting your behavior and influencing your decisions such as purchases, mood, and relationships.
Every online action, even if you don't post, contributes to your digital presence and can impact your life in various ways.
Your digital shadow can be exploited by cybercriminals, advertisers, and others for financial gain or to manipulate your opportunities.
Information shared online can have lasting consequences, affecting job prospects, school applications, and personal reputation.
Once data is online, it's challenging to completely erase it, emphasizing the importance of being cautious about what you share.
Maintain awareness and responsibility online by managing privacy settings, limiting data exposure, and considering the long-term implications of postings.
Protect your online identity by regularly checking for breaches, minimizing personal information disclosure, and reflecting on the necessity of sharing.
Living wisely in the digital age involves being conscious rather than fearful, understanding the power you have in shaping your digital presence.
The internet learns about us quietly, emphasizing the need to make intentional choices and remain aware of the lasting impact of our online actions.

Read Full Article

16 Likes

Securityaffairs

Image Credit: Securityaffairs

Unusual toolset used in recent Fog Ransomware attack

Fog ransomware operators used unusual pentesting and monitoring tools in a May 2025 attack on an Asian financial firm, as reported by Symantec researchers.
The attackers utilized rare tools like Syteca monitoring software, GC2, Adaptix, and Stowaway, which are uncommon in ransomware campaigns.
After the attack, the attackers established a service for maintaining access, demonstrating a rare persistence move, and remained undetected in the network for two weeks before deploying the ransomware.
Fog ransomware has been active since at least May 2024, initially targeting U.S. schools through compromised VPNs and later exploiting a Veeam VBR vulnerability.
In April 2025, the attackers shifted to email-based infections, employing provocative tactics in ransom notes to infect victims and offering free decryption in exchange for infecting others.
While the initial infection vector in the recent Fog ransomware attack remains unknown, experts suspect Exchange Servers may have played a role.
The attackers' toolkit included uncommon tools like GC2 for C2 communication, Syteca for monitoring, Stowaway for delivery, and PsExec/SMBExec for lateral movement, indicating espionage motives.
Additionally, tools like Adaptix C2, FreeFileSync, MegaSync, and Process Watchdog were used for data theft, maintaining persistence, and controlling the compromised network.
The atypical toolset and post-deployment persistence in the attack suggest potential espionage motives of the attackers, using ransomware possibly as a decoy or secondary goal.
The report highlights the possibility of the company being targeted for espionage, with ransomware serving as a diversion or profit-making tactic alongside espionage activities.
The use of uncommon tools in the ransomware attack is a noteworthy observation for businesses seeking to defend against malicious actors, according to the researchers.
Overall, the attack's unique characteristics and toolset underscore the need for enhanced cybersecurity measures and vigilance against sophisticated threat actors.
The presence of indicators of compromise in the report provides valuable insights for organizations to bolster their defenses.
Follow @securityaffairs on Twitter, Facebook, and Mastodon for related updates and news.
The article was authored by Pierluigi Paganini and covers details on the hacking incident involving Fog ransomware.
SecurityAffairs reports on hacking incidents and cybersecurity matters related to Fog ransomware.

Read Full Article

Medium

328

Image Credit: Medium

Tor Browser: A Gateway to True Anonymity or a Shortcut to Crime?

Tor Browser, short for 'The Onion Router,' offers anonymity by routing internet traffic through encrypted relays globally, making tracing difficult.
Data sent through Tor is encrypted multiple times and passes through random relays before reaching its destination.
Tor is beneficial for journalists, activists, and citizens in censored countries, providing a shield against tracking and censorship.
While not completely foolproof, Tor's anonymity is stronger than standard browsers, but user actions can compromise it.
Despite its privacy benefits, Tor is also popular among criminals due to its anonymity, serving as a gateway to the Dark Web.
The Dark Web, accessed through Tor, hosts illicit activities like drug sales, weapon trafficking, and hacking services.
Governments struggle to combat cybercrime on Tor, viewing it as a challenge to track criminal activities facilitated by the platform.
The ethical dilemma around Tor arises from its dual nature, being used for both noble purposes and criminal endeavors.
Tor's usage is subjective, with arguments for both its positive impact on privacy and negative influence on enabling malicious actions.
The future of Tor hinges on the balance between privacy and security, necessitating a nuanced approach to address its misuse while safeguarding civil liberties.

Read Full Article

19 Likes

Medium

232

Image Credit: Medium

Oops! That App You Love Might Be Spying on You

Users can unknowingly provide a wealth of personal data to their favorite apps and services.
Hackers target everyday apps and loyalty programs due to the trust users place in them.
Personal information like email, phone number, birthdate, GPS location, and more can be at risk.
Unknowingly sharing information can lead to hacking incidents and identity theft.
The Wild West of everyday app hacks and loyalty card disasters exposes users' vulnerabilities.

Read Full Article

13 Likes

Medium

261

MaAvatar: Step Into a New World of Web3 Expression and Empowerment

MaAvatar is a Web3-native identity ecosystem that combines avatars, quests, rewards, and storytelling.
Users' avatars in MaAvatar evolve based on their actions, achievements, and experiences in the metaverse.
MaAvatar allows gamers, collectors, creators, and explorers to express themselves and their values on-chain.
The platform offers dynamic Web3 identity that changes with user activities and interactions.
MaAvatar provides gamified quests, tasks, and challenges that engage users and offer rewards.
Users earn MAAV Points for various actions, unlocking token & NFT airdrops, whitelist access, ambassador tiers, and more.
The MaAvatar community emphasizes collaboration, events, and shared storytelling.
It reintroduces personality and presence in the Web3 space, offering digital self a narrative beyond just data points.
MaAvatar serves as a universal identity and a shared experience in the increasingly fragmented Web3 world.
To begin, users can claim a MaAvatar, join Zealy, complete quests, earn rewards, and explore.
MaAvatar aims to make users part of the blockchain's essence and lets their stories unfold.
The platform provides an opportunity for users to engage with the evolving Web3 landscape.
MaAvatar signifies a shift towards personal narratives and community-driven experiences in the Web3 realm.
Users are encouraged to participate, earn rewards, and contribute to the collective narrative of MaAvatar.
The platform offers a way for users to establish a dynamic digital presence in the Web3 ecosystem.
MaAvatar embodies the essence of Web3, blending identity, rewards, and storytelling into a cohesive experience.

Read Full Article

15 Likes

Medium

226

Image Credit: Medium

The Hidden Cost of Free: How AI, Apps, and Crypto Are Exploiting Your Data, Especially in Africa…

Smartphone growth in Africa and Asia poses privacy risks to users, with popular apps like Facebook, Instagram, and TikTok collecting extensive data.
Dark patterns and weak laws contribute to data exploitation by apps in these regions, raising concerns about user awareness.
AI technologies such as voice assistants and chatbots also gather user data, as seen in cases like Google contractors listening to private voice messages.
The illusion of anonymity in crypto transactions can lead to the collection of sensitive data like wallet IDs and IP addresses.
Issues with personal data collection extend to crypto mining apps like PI Network, which request significant personal information for access.
Lack of government intervention, outdated laws, and dependence on foreign tech contribute to data privacy violations in African and Asian nations.
Open source tools like Signal and Firefox offer more transparent and secure alternatives for privacy-critical activities.
Recommendation to use open source tools for messaging, browsing, and file storage to enhance privacy protection.
Suggestions include using the Brave browser to access apps via web versions and turning off unnecessary permissions like microphone and camera access.
Advocacy for utilizing private VPNs like Mullvad and avoiding social media logins to prevent extensive tracking by tech companies.
Awareness on data privacy rights and the importance of questioning the practices of apps, crypto tools, and smartphones to safeguard personal information.

Read Full Article

13 Likes

Hackernoon

Image Credit: Hackernoon

How Do Hackers Get Phishing Emails Past Filters?

Phishing emails continue to bypass filters with tactics such as social engineering, email cloning, and exploiting technical loopholes.
Social engineering is a prevalent tactic, exploiting human psychology to create a sense of urgency and fear, making users more likely to interact with malicious emails.
Attackers use clone phishing to create emails that closely mimic legitimate ones, increasing the chances of evading security filters.
Technical loopholes like homograph spoofing and open redirects trick systems into allowing malicious emails through despite advancements in email security.
Phishing emails avoid triggering spam filters by using neutral language, omitting suspicious keywords, and minimizing content to evade detection.
Hackers employ automation tools to generate customized phishing campaigns with randomized subject lines and varied phrasing, making it challenging for filters to detect patterns.
Users' overreliance on email filters can lead to a false sense of security and lower vigilance, increasing susceptibility to phishing attacks that bypass these defenses.
To mitigate phishing risks, deploying advanced language model detection tools, strengthening domain authentication protocols, using blockchain for email verification, and restricting link access are recommended.
While email filters provide protection, supplementing with additional security measures and educating users about phishing risks are crucial in combating evolving cyber threats.

Read Full Article

2 Likes

Dev

362

Image Credit: Dev

Security news weekly round-up - 13th June 2025

Malware and vulnerabilities continue to pose threats, requiring defense efforts and user education.
Low-cost Android devices housing active malware for almost a decade raise significant concerns.
New supply chain malware targets npm and PyPI ecosystems, compromising millions globally.
Vulnerabilities in Google services allowed access to users' phone numbers, patched after researcher discovery.
Scammers exploit AI to commit financial aid theft, causing significant disruptions for victims.
'EchoLeak' AI attack enables data theft via Microsoft 365 Copilot, exploiting a zero-click vulnerability.
EchoLeak attack involves prompting Copilot to gather and send sensitive data without user interaction.
Threat landscape showcases evolving tactics employing technology for malicious purposes.
Effective security practices like development environment segregation and vigilance are emphasized.
Revealing vulnerabilities and addressing security lapses remain crucial for protection against digital threats.

Read Full Article

21 Likes

Securityaffairs

146

Image Credit: Securityaffairs

A cyberattack on United Natural Foods caused bread shortages and bare shelves

United Natural Foods Inc. (UNFI) was hit by a cyberattack on June 5, causing disruptions in deliveries and shortages at Whole Foods stores nationwide.
The cyberattack affected UNFI's ability to fulfill and distribute customer orders, causing temporary disruptions to its operations.
Details about the attack were not disclosed by United Natural Foods, but similar incidents in the past have been linked to ransomware attacks.
Whole Foods stores experienced significant shortages, with shelves left bare and inadequate shipments due to communication issues with UNFI.
Employees from various Whole Foods locations reported bread and supply shortages as a result of the cyberattack.
UNFI has begun the process of restoring systems, but a clear recovery timeline has not been provided.
The cyberattack's impact extended beyond Whole Foods, affecting smaller retailers like the Community Food Co-Op in Bellingham, Washington.
The Community Food Co-Op notified customers about sparse shelves and requested limiting purchases to ensure access to essential items during the recovery phase.

Read Full Article

8 Likes

Dev

355

Image Credit: Dev

Mastering GitOps at Scale: Strategies for Multi-Cloud, Hybrid, and Edge

GitOps establishes a Git repository as the source of truth for configurations, with advanced strategies for multi-cloud, hybrid, and edge environments.
Multi-Cloud GitOps unifies diverse cloud infrastructure through treating cloud resources as code within a central Git repository.
Crossplane extends Kubernetes to manage external cloud services declaratively, enabling provisioning and management using Kubernetes-native tooling.
Hybrid Cloud GitOps bridges on-premises and cloud environments by deploying GitOps agents and ensuring configuration consistency.
GitOps for Edge Computing and IoT involves hierarchical repositories, lightweight agents on edge devices, and pull-based mechanisms for management.
Advanced Security & Compliance in GitOps integrates policy-as-code tools for automated enforcement, reducing the attack surface and enforcing immutable infrastructure.
Operational Excellence in GitOps involves scaling considerations like repository structure and observability strategies for monitoring and troubleshooting.
Successful GitOps adoption requires a cultural shift towards a Git-centric workflow and investment in training and collaboration.
GitOps challenges in 2025 emphasize the importance of managing the complexities of GitOps at scale.
GitOps offers benefits in managing distributed landscapes through advanced strategies and principles like declarative infrastructure and application configurations.

Read Full Article

21 Likes

Lastwatchdog

359

News alert: Arsen launches AI-powered vishing simulation to help combat voice phishing at scale

Arsen has launched a new Vishing Simulation module using AI technology to combat voice phishing at scale.
The tool simulates live phone-based social engineering attacks, including impersonating IT support desks.
It adapts dynamically to employees' responses, includes unscripted dialogue, and simulates realistic attacker behavior across languages and accents.
The CEO of Arsen, Thomas Le Coz, emphasizes the importance of using AI to better prepare against modern attacks.
The AI voice engine offers emotionally nuanced, multilingual, and accent-aware voices for realism and customization.
The Vishing Simulation is available as an optional add-on and can be used as a standalone module or bundled into existing licensing agreements.
This simulation enables training every employee with a phone line, benchmarking organizational resilience, and building awareness against voice-based attacks.
Early adopters have praised the realism and interactivity of the simulations, considering them indistinguishable from real attacks.
For more information or to book a demo of the Vishing Simulation module, visit https://arsen.co/en.
Arsen is a cybersecurity company specializing in defense against social engineering attacks, offering a SaaS platform for advanced phishing, vishing, and social engineering simulations.

Read Full Article

21 Likes

For uninterrupted reading, download the app