CyberAlerts

All Star Flooring, Inc. falls victim to EMBARGO Ransomware

Description: All Star Flooring, Inc. falls victim to EMBARGO Ransomware

Source: DarkWebInformer

May 26th, 2025 (25 days ago)

Alleged Data Breach of Istanbul Senin

Description: Alleged Data Breach of Istanbul Senin

Source: DarkWebInformer

May 26th, 2025 (25 days ago)

CVE-2025-37992

net_sched: Flush gso_skb list too during ->change()

Description: In the Linux kernel, the following vulnerability has been resolved: net_sched: Flush gso_skb list too during ->change() Previously, when reducing a qdisc's limit via the ->change() operation, only the main skb queue was trimmed, potentially leaving packets in the gso_skb list. This could result in NULL pointer dereference when we only check sch->limit against sch->q.qlen. This patch introduces a new helper, qdisc_dequeue_internal(), which ensures both the gso_skb list and the main queue are properly flushed when trimming excess packets. All relevant qdiscs (codel, fq, fq_codel, fq_pie, hhf, pie) are updated to use this helper in their ->change() routines.

EPSS Score: 0.03%

Source: CVE

May 26th, 2025 (25 days ago)

Alleged Sale of 100,000 Credit Cards

Description: Alleged Sale of 100,000 Credit Cards

Source: DarkWebInformer

May 26th, 2025 (25 days ago)

Detecting Malicious Security Product Bypass Techniques

Description: "defendnot" bypasses Windows Defender using undocumented APIs. Learn detection strategies and robust defenses against this sophisticated evasion technique.

Source: Huntress Blog

May 26th, 2025 (25 days ago)

Over 70 Malicious npm and VS Code Packages Found Stealing Data and Crypto

Description: As many as 60 malicious npm packages have been discovered in the package registry with malicious functionality to harvest hostnames, IP addresses, DNS servers, and user directories to a Discord-controlled endpoint. The packages, published under three different accounts, come with an install‑time script that's triggered during npm install, Socket security researcher Kirill Boychenko said in a

Source: TheHackerNews

May 26th, 2025 (25 days ago)

The CIA Secretly Ran a Star Wars Fan Site

Description: The site, starwarsweb.net, was a covert CIA communications tool. It has pictures of Yoda and C-3PO on it.

Source: 404 Media

May 26th, 2025 (25 days ago)

Adidas Hit by Third Customer Data Breach Linked to Support Systems

Description: German sportswear giant Adidas has confirmed that an unauthorized third party accessed customer data through a third-party customer service provider, marking the third publicly known incident involving the sportswear giant’s customer service systems in recent weeks. According to an official statement published on its website, the breach primarily affected individuals who previously contacted Adidas’ customer … The post Adidas Hit by Third Customer Data Breach Linked to Support Systems appeared first on CyberInsider.

Source: CyberInsider

May 26th, 2025 (25 days ago)

ICYMI: A Look Back at Exposure Management Academy Highlights

Description: Each Monday, the Tenable Exposure Management Academy provides the practical, real-world guidance you need to shift from vulnerability management to exposure management. This week, we look back on some highlights from the first couple of months of posts, including the broad view exposure management provides, business impact and getting to a single pane of glass. You can read the entire Exposure Management Academy series here.Since we started the Exposure Management Academy in March, we’ve covered a range of topics with contributions from many of Tenable’s industry experts. In this post, we look at a few of the highlights, focusing on the work of three Tenable thought leaders: information security engineer Arnie Cabral, CSO Robert Huber and CIO Patricia Grant.Exposure management provides a broader viewIf you’re wondering about exposure management, you should pay attention to Arnie Cabral. He’s on the front lines as we move to exposure management internally. Cabral wrote that Tenable’s shift began with a simple realization.“We knew that, although it is critical to modern cybersecurity, vulnerability management alone doesn’t provide a complete picture of cyber risk,” he wrote. He added that traditional vulnerability management involves scanning assets for known vulnerabilities and remediating them based on severity scores. “However, true security risk management requires a broader view that includes misconfigurations, attack surface visibility and real-time threat intelligence...

Source: Tenable Blog

May 26th, 2025 (25 days ago)

Google claims users find ads in AI search 'helpful'

Description: Google AI mode and AI Overviews now have ads, which, according to the search engine giant, are "helpful." [...]

Source: BleepingComputer

May 26th, 2025 (25 days ago)

Threat and Vulnerability Intelligence Database

Example Searches:

	All Star Flooring, Inc. falls victim to EMBARGO Ransomware Description: All Star Flooring, Inc. falls victim to EMBARGO Ransomware Source: DarkWebInformer May 26th, 2025 (25 days ago)
	Alleged Data Breach of Istanbul Senin Description: Alleged Data Breach of Istanbul Senin Source: DarkWebInformer May 26th, 2025 (25 days ago)
CVE-2025-37992	net_sched: Flush gso_skb list too during ->change() Description: In the Linux kernel, the following vulnerability has been resolved: net_sched: Flush gso_skb list too during ->change() Previously, when reducing a qdisc's limit via the ->change() operation, only the main skb queue was trimmed, potentially leaving packets in the gso_skb list. This could result in NULL pointer dereference when we only check sch->limit against sch->q.qlen. This patch introduces a new helper, qdisc_dequeue_internal(), which ensures both the gso_skb list and the main queue are properly flushed when trimming excess packets. All relevant qdiscs (codel, fq, fq_codel, fq_pie, hhf, pie) are updated to use this helper in their ->change() routines. EPSS Score: 0.03% Source: CVE May 26th, 2025 (25 days ago)
	Alleged Sale of 100,000 Credit Cards Description: Alleged Sale of 100,000 Credit Cards Source: DarkWebInformer May 26th, 2025 (25 days ago)
	Detecting Malicious Security Product Bypass Techniques Description: "defendnot" bypasses Windows Defender using undocumented APIs. Learn detection strategies and robust defenses against this sophisticated evasion technique. Source: Huntress Blog May 26th, 2025 (25 days ago)
	Over 70 Malicious npm and VS Code Packages Found Stealing Data and Crypto Description: As many as 60 malicious npm packages have been discovered in the package registry with malicious functionality to harvest hostnames, IP addresses, DNS servers, and user directories to a Discord-controlled endpoint. The packages, published under three different accounts, come with an install‑time script that's triggered during npm install, Socket security researcher Kirill Boychenko said in a Source: TheHackerNews May 26th, 2025 (25 days ago)
	The CIA Secretly Ran a Star Wars Fan Site Description: The site, starwarsweb.net, was a covert CIA communications tool. It has pictures of Yoda and C-3PO on it. Source: 404 Media May 26th, 2025 (25 days ago)
	Adidas Hit by Third Customer Data Breach Linked to Support Systems Description: German sportswear giant Adidas has confirmed that an unauthorized third party accessed customer data through a third-party customer service provider, marking the third publicly known incident involving the sportswear giant’s customer service systems in recent weeks. According to an official statement published on its website, the breach primarily affected individuals who previously contacted Adidas’ customer … The post Adidas Hit by Third Customer Data Breach Linked to Support Systems appeared first on CyberInsider. Source: CyberInsider May 26th, 2025 (25 days ago)
	ICYMI: A Look Back at Exposure Management Academy Highlights Description: Each Monday, the Tenable Exposure Management Academy provides the practical, real-world guidance you need to shift from vulnerability management to exposure management. This week, we look back on some highlights from the first couple of months of posts, including the broad view exposure management provides, business impact and getting to a single pane of glass. You can read the entire Exposure Management Academy series here.Since we started the Exposure Management Academy in March, we’ve covered a range of topics with contributions from many of Tenable’s industry experts. In this post, we look at a few of the highlights, focusing on the work of three Tenable thought leaders: information security engineer Arnie Cabral, CSO Robert Huber and CIO Patricia Grant.Exposure management provides a broader viewIf you’re wondering about exposure management, you should pay attention to Arnie Cabral. He’s on the front lines as we move to exposure management internally. Cabral wrote that Tenable’s shift began with a simple realization.“We knew that, although it is critical to modern cybersecurity, vulnerability management alone doesn’t provide a complete picture of cyber risk,” he wrote. He added that traditional vulnerability management involves scanning assets for known vulnerabilities and remediating them based on severity scores. “However, true security risk management requires a broader view that includes misconfigurations, attack surface visibility and real-time threat intelligence... Source: Tenable Blog May 26th, 2025 (25 days ago)
	Google claims users find ads in AI search 'helpful' Description: Google AI mode and AI Overviews now have ads, which, according to the search engine giant, are "helpful." [...] Source: BleepingComputer May 26th, 2025 (25 days ago)