lemmydev2

Cybercriminals are advancing beyond rudimentary phishing attempts, adopting sophisticated social engineering strategies that build relationships with targets before delivering malicious payloads. ESET’s APT Activity Report shows that the North Korea-aligned threat actors have significantly refined their tactics, making traditional security advice like “don’t click suspicious links” increasingly inadequate as attacks become more convincing and personalized. […] The post Hackers Using Advanced Social Engineering Techniques With Phishing Attacks appeared first on Cyber Security News.

SquareX’s research team has recently uncovered a sophisticated browser attack technique that allows malicious extensions to impersonate any extension installed on a victim’s browser. This newly discovered “polymorphic extension attack” creates pixel-perfect replicas of legitimate extensions’ icons, HTML popups, and workflows, making it nearly impossible for users to distinguish them from authentic extensions. The attack […] The post New Polymorphic Attack That Mimic Any Chrome Extension Installed On The Browser appeared first on Cyber Security News.

In a sophisticated business email compromise (BEC) attack recently uncovered by Trend Micro Managed XDR team, threat actors exploited a compromised third-party email server to conduct fraudulent financial transactions between business partners. The scheme, which unfolded over several days, involved manipulating email conversations between three business partners, ultimately leading to funds being transferred to accounts […] The post Hackers Leveraging Compromised Email Server To Send Fraudulent Emails appeared first on Cyber Security News.

Espressif has 35 documented security and bug advisories since 2020, ranging from genuine security flaws to end-of-life announcements. Yet their newest entry, a plain new CVE-2025-27840 out of Spain regarding an ESP32 chip, stands out not for its discovery but for its alarmist classification. To be clear, this is just the latest security advisory in … Continue reading ESP32 “Backdoor” Claims? How CVE-2025-27840 Analysis Shows No Backdoor →

A new open-source tool named 'Chirp' transmits data, such as text messages, between computers (and smartphones) through different audio tones. [...]

Bill Toulas / BleepingComputer: Tarlogic researchers find an undocumented “backdoor” in Chinese manufacturer Espressif's ESP32 microchip used in 1B+ devices for WiFi and Bluetooth connectivity  —  The ubiquitous ESP32 microchip made by Chinese manufacturer Espressif and used by over 1 billion units as of 2023 contains …

Comments

Reuters: Sources detail the nearly 10-hour-long tech meltdown of the European Central Bank's main payment system on February 27 due to a piece of malfunctioning hardware  —  The European Central Bank's payments crash last week meant salaries and welfare funds were delayed for thousands of people.

[Ken Shirriff] has been sharing a really low-level look at Intel’s Pentium (1993) processor. The Pentium’s architecture was highly innovative in many ways, and one of [Ken]’s most recent discoveries …read more

iPhone giant compartmentalizes OS for the sake of security Apple has been working to harden the XNU kernel that powers its various operating systems, including iOS and macOS, with a feature called "exclaves."…

A data breach suffered by the Japanese telecom giant NTT exposed information of nearly 18,000 corporate customers. Japanese telecom giant NTT suffered a data breach that exposed information of nearly 18,000 corporate customers. On February 5th, the security team detected suspicious activity in its ‘Order Information Distribution System,’ and immediately restricted access to device A. […]

Reddit’s automatic moderation tool is flagging the word “Luigi” as potentially violent — even when the content isn’t. Earlier this week, a moderator from r/popculture saw Reddit’s AutoModerator system flag a post about the video game Luigi’s Mansion 3 because it included the word “Luigi,” giving them instructions to “check for violence.” A Reddit spokesperson, […]