TECHZONE™
Open in Telegram
TECHZONE CYBERNEWS && UPDATES Wᴇʟᴄᴏᴍᴇ Tᴏ TECHZONE™ ✔️Infosec Facts ✔️Cheatsheets ✔️Free Courses ✔️Open source tools ✔️Tech news
Show more595
Subscribers
No data24 hours
-17 days
-1030 days
Posts Archive
595
CTM360 Identifies Surge in Phishing Attacks Targeting Meta Business Users
https://thehackernews.com/2025/05/ctm360-identifies-surge-in-phishing.html
A new global phishing threat called "Meta Mirage" has been uncovered, targeting businesses using Meta's Business Suite. This campaign specifically aims at hijacking high-value accounts, including those managing advertising and official brand pages.
Cybersecurity researchers at CTM360 revealed that attackers behind Meta Mirage impersonate official Meta communications, tricking users into handing
595
Earth Ammit Breached Drone Supply Chains via ERP in VENOM, TIDRONE Campaigns
https://thehackernews.com/2025/05/earth-ammit-breached-drone-supply.html
A cyber espionage group known as Earth Ammit has been linked to two related but distinct campaigns from 2023 to 2024 targeting various entities in Taiwan and South Korea, including military, satellite, heavy industry, media, technology, software services, and healthcare sectors.
Cybersecurity firm Trend Micro said the first wave, codenamed VENOM, mainly targeted software service providers, while
595
Learning How to Hack: Why Offensive Security Training Benefits Your Entire Security Team
https://thehackernews.com/2025/05/learning-how-to-hack-why-offensive.html
Organizations across industries are experiencing significant escalations in cyberattacks, particularly targeting critical infrastructure providers and cloud-based enterprises. Verizon’s recently released 2025 Data Breach Investigations Report found an 18% YoY increase in confirmed breaches, with the exploitation of vulnerabilities as an initial access step growing by 34%.
As attacks rise
595
Horabot Malware Targets 6 Latin American Nations Using Invoice-Themed Phishing Emails
https://thehackernews.com/2025/05/horabot-malware-targets-6-latin.html
Cybersecurity researchers have discovered a new phishing campaign that's being used to distribute malware called Horabot targeting Windows users in Latin American countries like Mexico, Guatemala, Colombia, Peru, Chile, and Argentina.
The campaign is "using crafted emails that impersonate invoices or financial documents to trick victims into opening malicious attachments and can steal email
595
Microsoft Fixes 78 Flaws, 5 Zero-Days Exploited; CVSS 10 Bug Impacts Azure DevOps Server
https://thehackernews.com/2025/05/microsoft-fixes-78-flaws-5-zero-days.html
Microsoft on Tuesday shipped fixes to address a total of 78 security flaws across its software lineup, including a set of five zero-days that have come under active exploitation in the wild.
Of the 78 flaws resolved by the tech giant, 11 are rated Critical, 66 are rated Important, and one is rated Low in severity. Twenty-eight of these vulnerabilities lead to remote code execution, 21 of them
595
Fortinet Patches CVE-2025-32756 Zero-Day RCE Flaw Exploited in FortiVoice Systems
https://thehackernews.com/2025/05/fortinet-patches-cve-2025-32756-zero.html
Fortinet has patched a critical security flaw that it said has been exploited as a zero-day in attacks targeting FortiVoice enterprise phone systems.
The vulnerability, tracked as CVE-2025-32756, carries a CVSS score of 9.6 out of 10.0.
"A stack-based overflow vulnerability [CWE-121] in FortiVoice, FortiMail, FortiNDR, FortiRecorder, and FortiCamera may allow a remote unauthenticated attacker to
595
Ivanti Patches EPMM Vulnerabilities Exploited for Remote Code Execution in Limited Attacks
https://thehackernews.com/2025/05/ivanti-patches-epmm-vulnerabilities.html
Ivanti has released security updates to address two security flaws in Endpoint Manager Mobile (EPMM) software that have been chained in attacks to gain remote code execution.
The vulnerabilities in question are listed below -
CVE-2025-4427 (CVSS score: 5.3) - An authentication bypass in Ivanti Endpoint Manager Mobile allowing attackers to access protected resources without proper credentials
595
How can we counter online disinformation? | Unlocked 403 cybersecurity podcast (S2E2)
https://www.welivesecurity.com/en/videos/online-disinformation-unlocked-403-cybersecurity-podcast-s2e2/
Ever wondered why a lie can spread faster than the truth? Tune in for an insightful look at disinformation and how we can fight one of the most pressing challenges facing our digital world.
595
China-Linked APTs Exploit SAP CVE-2025-31324 to Breach 581 Critical Systems Worldwide
https://thehackernews.com/2025/05/china-linked-apts-exploit-sap-cve-2025.html
A recently disclosed critical security flaw impacting SAP NetWeaver is being exploited by multiple China-nexus nation-state actors to target critical infrastructure networks.
"Actors leveraged CVE-2025-31324, an unauthenticated file upload vulnerability that enables remote code execution (RCE)," EclecticIQ researcher Arda Büyükkaya said in an analysis published today.
Targets of the campaign
595
Malicious PyPI Package Posing as Solana Tool Stole Source Code in 761 Downloads
https://thehackernews.com/2025/05/malicious-pypi-package-posing-as-solana.html
Cybersecurity researchers have discovered a malicious package on the Python Package Index (PyPI) repository that purports to be an application related to the Solana blockchain, but contains malicious functionality to steal source code and developer secrets.
The package, named solana-token, is no longer available for download from PyPI, but not before it was downloaded 761 times. It was first
595
Deepfake Defense in the Age of AI
https://thehackernews.com/2025/05/deepfake-defense-in-age-of-ai.html
The cybersecurity landscape has been dramatically reshaped by the advent of generative AI. Attackers now leverage large language models (LLMs) to impersonate trusted individuals and automate these social engineering tactics at scale.
Let’s review the status of these rising attacks, what’s fueling them, and how to actually prevent, not detect, them.
The Most Powerful Person on the
595
North Korean Konni APT Targets Ukraine with Malware to track Russian Invasion Progress
https://thehackernews.com/2025/05/north-korean-konni-apt-targets-ukraine.html
The North Korea-linked threat actor known as Konni APT has been attributed to a phishing campaign targeting government entities in Ukraine, indicating the threat actor's targeting beyond Russia.
Enterprise security firm Proofpoint said the end goal of the campaign is to collect intelligence on the "trajectory of the Russian invasion."
"The group's interest in Ukraine follows historical targeting
595
Moldovan Police Arrest Suspect in €4.5M Ransomware Attack on Dutch Research Agency
https://thehackernews.com/2025/05/moldovan-police-arrest-suspect-in-45m.html
Moldovan law enforcement authorities have arrested a 45-year-old foreign man suspected of involvement in a series of ransomware attacks targeting Dutch companies in 2021.
"He is wanted internationally for committing several cybercrimes (ransomware attacks, blackmail, and money laundering) against companies based in the Netherlands," officials said in a statement Monday.
In conjunction with the
595
Türkiye Hackers Exploited Output Messenger Zero-Day to Drop Golang Backdoors on Kurdish Servers
https://thehackernews.com/2025/05/turkiye-hackers-exploited-output.html
A Türkiye-affiliated threat actor exploited a zero-day security flaw in an Indian enterprise communication platform called Output Messenger as part of a cyber espionage attack campaign since April 2024.
"These exploits have resulted in a collection of related user data from targets in Iraq," the Microsoft Threat Intelligence team said. "The targets of the attack are associated with the Kurdish
595
ASUS Patches DriverHub RCE Flaws Exploitable via HTTP and Crafted .ini Files
https://thehackernews.com/2025/05/asus-patches-driverhub-rce-flaws.html
ASUS has released updates to address two security flaws impacting ASUS DriverHub that, if successfully exploited, could enable an attacker to leverage the software in order to achieve remote code execution.
DriverHub is a tool that's designed to automatically detect the motherboard model of a computer and display necessary driver updates for subsequent installation by communicating with a
595
⚡ Weekly Recap: Zero-Day Exploits, Developer Malware, IoT Botnets, and AI-Powered Scams
https://thehackernews.com/2025/05/weekly-recap-zero-day-exploits.html
What do a source code editor, a smart billboard, and a web server have in common? They’ve all become launchpads for attacks—because cybercriminals are rethinking what counts as “infrastructure.” Instead of chasing high-value targets directly, threat actors are now quietly taking over the overlooked: outdated software, unpatched IoT devices, and open-source packages. It's not just clever—it’s
595
The Persistence Problem: Why Exposed Credentials Remain Unfixed—and How to Change That
https://thehackernews.com/2025/05/the-persistence-problem-why-exposed.html
Detecting leaked credentials is only half the battle. The real challenge—and often the neglected half of the equation—is what happens after detection. New research from GitGuardian's State of Secrets Sprawl 2025 report reveals a disturbing trend: the vast majority of exposed company secrets discovered in public repositories remain valid for years after detection, creating an expanding attack
595
Fake AI Tools Used to Spread Noodlophile Malware, Targeting 62,000+ via Facebook Lures
https://thehackernews.com/2025/05/fake-ai-tools-used-to-spread.html
Threat actors have been observed leveraging fake artificial intelligence (AI)-powered tools as a lure to entice users into downloading an information stealer malware dubbed Noodlophile.
"Instead of relying on traditional phishing or cracked software sites, they build convincing AI-themed platforms – often advertised via legitimate-looking Facebook groups and viral social media campaigns,"
595
Google Pays $1.375 Billion to Texas Over Unauthorized Tracking and Biometric Data Collection
https://thehackernews.com/2025/05/google-pays-1375-billion-to-texas-over.html
Google has agreed to pay the U.S. state of Texas nearly $1.4 billion to settle two lawsuits that accused the company of tracking users' personal location and maintaining their facial recognition data without consent.
The $1.375 billion payment dwarfs the fines the tech giant has paid to settle similar lawsuits brought by other U.S. states. In November 2022, it paid $391 million to a group of 40
595
Germany Shuts Down eXch Over $1.9B Laundering, Seizes €34M in Crypto and 8TB of Data
https://thehackernews.com/2025/05/germany-shuts-down-exch-over-19b.html
Germany's Federal Criminal Police Office (aka Bundeskriminalamt or BKA) has seized the online infrastructure and shutdown linked to the eXch cryptocurrency exchange over allegations of money laundering and operating a criminal trading platform.
The operation was carried out on April 30, 2025, authorities said, adding they also confiscated 8 terabytes worth of data and cryptocurrency assets
Available now! Telegram Research 2025 — the year's key insights 
