iT4iNT SERVER
LightNews LightNews
banner
it4intserver.bsky.social
iT4iNT SERVER
@it4intserver.bsky.social
2 followers 9 following 40 posts
IT4INT SERVER Pvt Ltd Affordable Secure Dynamic Cheap Dedicated Server, Cloud VPS, Web Hosting, ERP Cloud Server Solution Data Centers 99.9% up-time | Transforming Business By Professional Infra Digital Infra Company - https://it4int.com
Posts Replies Media Videos
it4intserver.bsky.social
iT4iNT SERVER Hackers Exploiting Triofox Flaw to Install Remote Access Tools via Antivirus Feature VDS VPS Cloud #CyberSecurity #Hacking #DataBreach #Vulnerability #Malware
Hackers Exploiting Triofox Flaw to Install Remote Access Tools via Antivirus Feature
Google's Mandiant Threat Defense on Monday said it discovered n-day exploitation of a now-patched security flaw in Gladinet's Triofox file-sharing and remote access platform. The critical vulnerability, tracked as CVE-2025-12480 (CVSS score: 9.1), allows an attacker to bypass authentication and access the configuration pages, resulting in the upload and execution of arbitrary payloads.  The
dlvr.it
November 11, 2025 at 12:08 AM
it4intserver.bsky.social
iT4iNT SERVER ⚡ Weekly Recap: Hyper-V Malware, Malicious AI Bots, RDP Exploits, WhatsApp Lockdown and More VDS VPS Cloud #Cybersecurity #Malware #AI #RDPExploits #WhatsAppSecurity
⚡ Weekly Recap: Hyper-V Malware, Malicious AI Bots, RDP Exploits, WhatsApp Lockdown and More
Cyber threats didn’t slow down last week—and attackers are getting smarter. We’re seeing malware hidden in virtual machines, side-channel leaks exposing AI chats, and spyware quietly targeting Android devices in the wild. But that’s just the surface. From sleeper logic bombs to a fresh alliance between major threat groups, this week’s roundup highlights a clear shift: cybercrime is evolving fast
dlvr.it
November 10, 2025 at 3:18 PM
it4intserver.bsky.social
iT4iNT SERVER Large-Scale ClickFix Phishing Attacks Target Hotel Systems with PureRAT Malware VDS VPS Cloud #Cybersecurity #Phishing #Malware #HotelSecurity #ClickFix
Large-Scale ClickFix Phishing Attacks Target Hotel Systems with PureRAT Malware
Cybersecurity researchers have called attention to a massive phishing campaign targeting the hospitality industry that lures hotel managers to ClickFix-style pages and harvest their credentials by deploying malware like PureRAT. "The attacker's modus operandi involved using a compromised email account to send malicious messages to multiple hotel establishments," Sekoia said. "This campaign
dlvr.it
November 10, 2025 at 12:21 PM
it4intserver.bsky.social
iT4iNT SERVER Microsoft Uncovers 'Whisper Leak' Attack That Identifies AI Chat Topics in Encrypted Traffic VDS VPS Cloud #Microsoft #AI #Cybersecurity #WhisperLeak #Encryption
Microsoft Uncovers 'Whisper Leak' Attack That Identifies AI Chat Topics in Encrypted Traffic
Microsoft has disclosed details of a novel side-channel attack targeting remote language models that could enable a passive adversary with capabilities to observe network traffic to glean details about model conversation topics despite encryption protections under certain circumstances. This leakage of data exchanged between humans and streaming-mode language models could pose serious risks to
dlvr.it
November 8, 2025 at 4:06 PM
it4intserver.bsky.social
iT4iNT SERVER Samsung Zero-Click Flaw Exploited to Deploy LANDFALL Android Spyware via WhatsApp VDS VPS Cloud #Samsung #ZeroClick #AndroidSpyware #CVE2025 #CyberSecurity
Samsung Zero-Click Flaw Exploited to Deploy LANDFALL Android Spyware via WhatsApp
A now-patched security flaw in Samsung Galaxy Android devices was exploited as a zero-day to deliver a "commercial-grade" Android spyware dubbed LANDFALL in targeted attacks in the Middle East. The activity involved the exploitation of CVE-2025-21042 (CVSS score: 8.8), an out-of-bounds write flaw in the "libimagecodec.quram.so" component that could allow remote attackers to execute arbitrary
dlvr.it
November 7, 2025 at 7:27 PM
it4intserver.bsky.social
iT4iNT SERVER Google Launches New Maps Feature to Help Businesses Report Review-Based Extortion Attempts VDS VPS Cloud #GoogleMaps #ReviewExtortion #BusinessSafety #FakeReviews #OnlineSecurity
Google Launches New Maps Feature to Help Businesses Report Review-Based Extortion Attempts
Google on Thursday said it's rolling out a dedicated form to allow businesses listed on Google Maps to report extortion attempts made by threat actors who post inauthentic bad reviews on the platform and demand ransoms to remove the negative comments. The approach is designed to tackle a common practice called review bombing, where online users intentionally post negative user reviews in an
dlvr.it
November 7, 2025 at 10:36 AM
it4intserver.bsky.social
iT4iNT SERVER Vibe-Coded Malicious VS Code Extension Found with Built-In Ransomware Capabilities VDS VPS Cloud #Cybersecurity #Malware #AI #Ransomware #VSCode
Vibe-Coded Malicious VS Code Extension Found with Built-In Ransomware Capabilities
Cybersecurity researchers have flagged a malicious Visual Studio Code (VS Code) extension with basic ransomware capabilities that appears to be created with the help of artificial intelligence – in other words, vibe-coded. Secure Annex researcher John Tuckner, who flagged the extension "susvsex," said it does not attempt to hide its malicious functionality. The extension was uploaded on
dlvr.it
November 7, 2025 at 7:39 AM
it4intserver.bsky.social
iT4iNT SERVER Trojanized ESET Installers Drop Kalambur Backdoor in Phishing Attacks on Ukraine VDS VPS Cloud #CyberSecurity #Phishing #Malware #ESET #Ukraine
Trojanized ESET Installers Drop Kalambur Backdoor in Phishing Attacks on Ukraine
A previously unknown threat activity cluster has been observed impersonating Slovak cybersecurity company ESET as part of phishing attacks targeting Ukrainian entities. The campaign, detected in May 2025, is tracked by the security outfit under the moniker InedibleOchotense, describing it as Russia-aligned. "InedibleOchotense sent spear-phishing emails and Signal text messages, containing a link
dlvr.it
November 6, 2025 at 4:54 PM
it4intserver.bsky.social
iT4iNT SERVER Hackers Weaponize Windows Hyper-V to Hide Linux VM and Evade EDR Detection VDS VPS Cloud #CyberSecurity #Hackers #Virtualization #HyperV #Malware
Hackers Weaponize Windows Hyper-V to Hide Linux VM and Evade EDR Detection
The threat actor known as Curly COMrades has been observed exploiting virtualization technologies as a way to bypass security solutions and execute custom malware. According to a new report from Bitdefender, the adversary is said to have enabled the Hyper-V role on selected victim systems to deploy a minimalistic, Alpine Linux-based virtual machine. "This hidden environment, with its lightweight
dlvr.it
November 6, 2025 at 8:02 AM
it4intserver.bsky.social
iT4iNT SERVER Google Uncovers PROMPTFLUX Malware That Uses Gemini AI to Rewrite Its Code Hourly VDS VPS Cloud #Google #Malware #Cybersecurity #AI #GeminiAI
Google Uncovers PROMPTFLUX Malware That Uses Gemini AI to Rewrite Its Code Hourly
Google on Wednesday said it discovered an unknown threat actor using an experimental Visual Basic Script (VB Script) malware dubbed PROMPTFLUX that interacts with its Gemini artificial intelligence (AI) model API to write its own source code for improved obfuscation and evasion. "PROMPTFLUX is written in VBScript and interacts with Gemini's API to request specific VBScript obfuscation and
dlvr.it
November 5, 2025 at 5:17 PM
it4intserver.bsky.social
iT4iNT SERVER Researchers Find ChatGPT Vulnerabilities That Let Attackers Trick AI Into Leaking Data VDS VPS Cloud #Cybersecurity #AI #ChatGPT #DataLeak #OpenAI
Researchers Find ChatGPT Vulnerabilities That Let Attackers Trick AI Into Leaking Data
Cybersecurity researchers have disclosed a new set of vulnerabilities impacting OpenAI's ChatGPT artificial intelligence (AI) chatbot that could be exploited by an attacker to steal personal information from users' memories and chat histories without their knowledge. The seven vulnerabilities and attack techniques, according to Tenable, were found in OpenAI's GPT-4o and GPT-5 models. OpenAI has
dlvr.it
November 5, 2025 at 2:21 PM
it4intserver.bsky.social
iT4iNT SERVER CISA Adds Gladinet and CWP Flaws to KEV Catalog Amid Active Exploitation Evidence VDS VPS Cloud #Cybersecurity #Vulnerability #CISA #Gladinet #CWP
CISA Adds Gladinet and CWP Flaws to KEV Catalog Amid Active Exploitation Evidence
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added two security flaws impacting Gladinet and Control Web Panel (CWP) to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation in the wild. The vulnerabilities in question are listed below - CVE-2025-11371 (CVSS score: 7.5) - A vulnerability in files or directories accessible to
dlvr.it
November 5, 2025 at 8:27 AM
it4intserver.bsky.social
iT4iNT SERVER Europol and Eurojust Dismantle €600 Million Crypto Fraud Network in Global Sweep VDS VPS Cloud #CryptoFraud #Europol #Eurojust #Cryptocurrency #MoneyLaundering
Europol and Eurojust Dismantle €600 Million Crypto Fraud Network in Global Sweep
Nine people have been arrested in connection with a coordinated law enforcement operation that targeted a cryptocurrency money laundering network that defrauded victims of €600 million (~$688 million). According to a statement released by Eurojust today, the action took place between October 27 and 29 across Cyprus, Spain, and Germany, with the suspects arrested on charges of involvement in
dlvr.it
November 4, 2025 at 5:41 PM
it4intserver.bsky.social
iT4iNT SERVER Microsoft Teams Bugs Let Attackers Impersonate Colleagues and Edit Messages Unnoticed VDS VPS Cloud #MicrosoftTeams #CyberSecurity #InfoSec #DataProtection #Vulnerability
Microsoft Teams Bugs Let Attackers Impersonate Colleagues and Edit Messages Unnoticed
Cybersecurity researchers have disclosed details of four security flaws in Microsoft Teams that could have exposed users to serious impersonation and social engineering attacks. The vulnerabilities "allowed attackers to manipulate conversations, impersonate colleagues, and exploit notifications," Check Point said in a report shared with The Hacker News. Following responsible disclosure in March
dlvr.it
November 4, 2025 at 2:45 PM
it4intserver.bsky.social
iT4iNT SERVER Malicious VSX Extension "SleepyDuck" Uses Ethereum to Keep Its Command Server Alive VDS VPS Cloud #Cybersecurity #Malware #Bitcoin #Ethereum #RAT
Malicious VSX Extension "SleepyDuck" Uses Ethereum to Keep Its Command Server Alive
Cybersecurity researchers have flagged a new malicious extension in the Open VSX registry that harbors a remote access trojan called SleepyDuck. According to Secure Annex's John Tuckner, the extension in question, juan-bianco.solidity-vlang (version 0.0.7), was first published on October 31, 2025, as a completely benign library that was subsequently updated to version 0.0.8 on November 1 to
dlvr.it
November 3, 2025 at 9:02 PM
it4intserver.bsky.social
iT4iNT SERVER Cybercriminals Exploit Remote Monitoring Tools to Infiltrate Logistics and Freight Networks VDS VPS Cloud #Cybersecurity #Cybercrime #Logistics #Freight #RemoteMonitoring
Cybercriminals Exploit Remote Monitoring Tools to Infiltrate Logistics and Freight Networks
Bad actors are increasingly training their sights on trucking and logistics companies with an aim to infect them with remote monitoring and management (RMM) software for financial gain and ultimately steal cargo freight. The threat cluster, believed to be active since at least June 2025 according to Proofpoint, is said to be collaborating with organized crime groups to break into entities in the
dlvr.it
November 3, 2025 at 3:07 PM
it4intserver.bsky.social
iT4iNT SERVER Researchers Uncover BankBot-YNRK and DeliveryRAT Android Trojans Stealing Financial Data VDS VPS Cloud #Cybersecurity #Malware #AndroidTrojans #BankBotYNRK #DeliveryRAT
Researchers Uncover BankBot-YNRK and DeliveryRAT Android Trojans Stealing Financial Data
Cybersecurity researchers have shed light on two different Android trojans called BankBot-YNRK and DeliveryRAT that are capable of harvesting sensitive data from compromised devices. According to CYFIRMA, which analyzed three different samples of BankBot-YNRK, the malware incorporates features to sidestep analysis efforts by first checking its running within a virtualized or emulated environment
dlvr.it
November 3, 2025 at 12:12 PM
it4intserver.bsky.social
iT4iNT SERVER ASD Warns of Ongoing BADCANDY Attacks Exploiting Cisco IOS XE Vulnerability VDS VPS Cloud #CyberSecurity #BADCANDY #Cisco #Vulnerability #CVE2023
ASD Warns of Ongoing BADCANDY Attacks Exploiting Cisco IOS XE Vulnerability
The Australian Signals Directorate (ASD) has issued a bulletin about ongoing cyber attacks targeting unpatched Cisco IOS XE devices in the country with a previously undocumented implant known as BADCANDY. The activity, per the intelligence agency, involves the exploitation of CVE-2023-20198 (CVSS score: 10.0), a critical vulnerability that allows a remote, unauthenticated attacker to create an
dlvr.it
November 1, 2025 at 3:56 PM
it4intserver.bsky.social
iT4iNT SERVER OpenAI Unveils Aardvark: GPT-5 Agent That Finds and Fixes Code Flaws Automatically VDS VPS Cloud #OpenAI #GPT5 #Aardvark #AI #Cybersecurity
OpenAI Unveils Aardvark: GPT-5 Agent That Finds and Fixes Code Flaws Automatically
OpenAI has announced the launch of an "agentic security researcher" that's powered by its GPT-5 large language model (LLM) and is programmed to emulate a human expert capable of scanning, understanding, and patching code. Called Aardvark, the artificial intelligence (AI) company said the autonomous agent is designed to help developers and security teams flag and fix security vulnerabilities at
dlvr.it
October 31, 2025 at 7:18 PM
it4intserver.bsky.social
iT4iNT SERVER China-Linked Hackers Exploit Windows Shortcut Flaw to Target European Diplomats VDS VPS Cloud #Cybersecurity #CyberEspionage #Malware #DataBreach #Vulnerability
China-Linked Hackers Exploit Windows Shortcut Flaw to Target European Diplomats
A China-affiliated threat actor known as UNC6384 has been linked to a fresh set of attacks exploiting an unpatched Windows shortcut vulnerability to target European diplomatic and government entities between September and October 2025. The activity targeted diplomatic organizations in Hungary, Belgium, Italy, and the Netherlands, as well as government agencies in Serbia, Arctic Wolf said in a
dlvr.it
October 31, 2025 at 4:21 PM
it4intserver.bsky.social
iT4iNT SERVER The MSP Cybersecurity Readiness Guide: Turning Security into Growth VDS VPS Cloud #Cybersecurity #MSPs #Compliance #Growth #ITSecurity
The MSP Cybersecurity Readiness Guide: Turning Security into Growth
MSPs are facing rising client expectations for strong cybersecurity and compliance outcomes, while threats grow more complex and regulatory demands evolve. Meanwhile, clients are increasingly seeking comprehensive protection without taking on the burden of managing security themselves. This shift represents a major growth opportunity. By delivering advanced cybersecurity and compliance
dlvr.it
October 31, 2025 at 1:23 PM
it4intserver.bsky.social
iT4iNT SERVER Google's Built-In AI Defenses on Android Now Block 10 Billion Scam Messages a Month VDS VPS Cloud #Google #Android #AI #ScamAlert #Cybersecurity
Google's Built-In AI Defenses on Android Now Block 10 Billion Scam Messages a Month
Google on Thursday revealed that the scam defenses built into Android safeguard users around the world from more than 10 billion suspected malicious calls and messages every month. The tech giant also said it has blocked over 100 million suspicious numbers from using Rich Communication Services (RCS), an evolution of the SMS protocol, thereby preventing scams before they could even be sent. In
dlvr.it
October 30, 2025 at 7:42 PM
it4intserver.bsky.social
iT4iNT SERVER New "Brash" Exploit Crashes Chromium Browsers Instantly with a Single Malicious URL VDS VPS Cloud #Cybersecurity #Chromium #BrashExploit #WebSecurity #Vulnerability
New "Brash" Exploit Crashes Chromium Browsers Instantly with a Single Malicious URL
A severe vulnerability disclosed in Chromium's Blink rendering engine can be exploited to crash many Chromium-based browsers within a few seconds. Security researcher Jose Pino, who disclosed details of the flaw, has codenamed it Brash. "It allows any Chromium browser to collapse in 15-60 seconds by exploiting an architectural flaw in how certain DOM operations are managed," Pino said in a
dlvr.it
October 30, 2025 at 4:44 PM
it4intserver.bsky.social
iT4iNT SERVER The Death of the Security Checkbox: BAS Is the Power Behind Real Defense VDS VPS Cloud #Cybersecurity #BASummit2025 #Infosec #CyberDefense #AIValidation
The Death of the Security Checkbox: BAS Is the Power Behind Real Defense
Security doesn’t fail at the point of breach. It fails at the point of impact.  That line set the tone for this year’s Picus Breach and Simulation (BAS) Summit, where researchers, practitioners, and CISOs all echoed the same theme: cyber defense is no longer about prediction. It's about proof. When a new exploit drops, scanners scour the internet in minutes. Once attackers gain a foothold,
dlvr.it
October 30, 2025 at 1:47 PM
it4intserver.bsky.social
iT4iNT SERVER Experts Reports Sharp Increase in Automated Botnet Attacks Targeting PHP Servers and IoT Devices VDS VPS Cloud #Cybersecurity #BotnetAttacks #PHPServers #IoTDevices #DDoS
Experts Reports Sharp Increase in Automated Botnet Attacks Targeting PHP Servers and IoT Devices
Cybersecurity researchers are calling attention to a spike in automated attacks targeting PHP servers, IoT devices, and cloud gateways by various botnets such as Mirai, Gafgyt, and Mozi. "These automated campaigns exploit known CVE vulnerabilities and cloud misconfigurations to gain control over exposed systems and expand botnet networks," the Qualys Threat Research Unit (TRU) said in a report
dlvr.it
October 29, 2025 at 5:07 PM