Security Pulse

Zoom for Enterprise: close DLL path attacks, move to 6.3.10 today

yohanmanuja7 hours ago7 hours ago04 mins

Zoom delivered security fixes for Windows clients after investigators identified CVE-2025-49457, an untrusted DLL search path that can enable local privilege escalation and broader compromise. Because attackers chain DLL hijacking with lateral movement, admins should update Windows endpoints to version 6.3.10 and validate explicit path loading. This analysis explains affected apps, exploitation flow, high-signal detection, and quick remediation steps so defenders can reduce risk without adding noise.

KONNI abuses Google Find Hub for Android remote wipes

yohanmanuja7 hours ago7 hours ago05 mins

KONNI operators hijack Google accounts, pivot into Find Hub, track target locations, and trigger remote resets on Android blending valid features with malicious intent while evading conventional controls.

APT37 exploits Google Find Hub to wipe Android phones

yohanmanuja7 hours ago7 hours ago05 mins

APT37 used stolen Google credentials to access Find Hub, check Android device locations, and trigger remote factory resets. The tactic lives in the cloud, not on the handset, so identity controls matter most. Enforce phishing-resistant MFA, restrict console actions, and rehearse rapid re-enrollment.

Firefox hardens privacy: expanded fingerprint protections

yohanmanuja7 hours ago7 hours ago04 mins

Firefox now narrows high-entropy signals used for browser fingerprinting, so fewer users appear unique across sessions. Consequently, trackers lose stable identifiers while sites keep working. For enterprises, the update simplifies privacy baselines and reduces covert tracking surfaces without heavy configuration or breakage.

Ludwigshafen city IT offline after suspected cyberattack, incident response in progress

Ludwigshafen Shuts Down City IT After Cyberattack

yohanmanuja7 hours ago7 hours ago04 mins

Ludwigshafen detected suspicious activity and took city IT offline to contain risk. Teams isolate systems, assess scope, and plan a safe, phased restoration while core services continue with workarounds.

Threat actors exploiting genAI platforms and trusted cloud apps to breach manufacturing networks and exfiltrate intellectual property

AI-Powered Phishing and Cloud Malware Push Threats

yohanmanuja1 day ago1 day ago14 mins

Threat actors now pair generative AI with trusted cloud apps to breach manufacturing. They deliver malware through OneDrive/GitHub, steal API keys and tokens, and persist via OAuth consent. Without governed AI usage, Cloud DLP, and consent controls, factories face quiet IP theft and escalating downtime risks.

Gemini Deep Research report view with toggles for Gmail, Drive, and Chat sources and a visible consent banner

Gemini in Gmail and Drive: Admin Playbook for a Safe Rollout

yohanmanuja1 day ago1 day ago04 mins

Gemini’s Deep Research now taps Gmail, Drive, and Chat when users allow it. Because the agent can fuse internal messages and files with web context, output quality rises along with privacy risk. This guide shows how to roll out safely: set consent norms, restrict high-risk teams, validate audit coverage, and keep DLP and labels active so Deep Research never reads more than policy permits.

ClickFix phishing page coaching a user to paste a command that steals M365 access

ClickFix Lures Coach Users to Self-Infect and Bypass Filters

yohanmanuja1 day ago1 day ago04 mins

ClickFix campaigns scale by coaching users to “fix” access issues with copy-paste commands. After the click, actors steal Microsoft 365 tokens or credentials and, in some cases, drop PureRAT for persistence. Break the flow by enforcing admin-only app consent, requiring phishing-resistant MFA, and blocking browser-to-shell chains. Investigate mailbox rules, token reuse, and OAuth grants whenever ClickFix pages appear in referral logs.

Smishing text claiming a lost iPhone was found, with fake iCloud link

Lost iPhone Smishing: Don’t Tap “We Found Your Phone” Links

yohanmanuja1 day ago1 day ago04 mins

Smishing texts now target lost iPhone owners with fake “found” alerts and cloned iCloud pages. Verify only in Find My, keep Activation Lock tied to your Apple ID, and avoid links in messages. Set a SIM PIN, rotate your Apple ID password, and review trusted devices to prevent account takeover.

UK investigation into Yutong electric buses highlighting remote shutdown risk and OTA connectivity

UK Scrutinizes Chinese E-Buses After Norway Kill-Switch Tests

yohanmanuja1 day ago1 day ago04 mins

The UK is investigating whether Yutong electric buses can be remotely deactivated. Norway’s Faraday-cage tests and Denmark’s review raised alarms about SIM-enabled diagnostics and OTA updates. Operators should lock down telematics, broker OTA, and drill outage response now.

Zoom for Enterprise: close DLL path attacks, move to 6.3.10 today

KONNI abuses Google Find Hub for Android remote wipes

APT37 exploits Google Find Hub to wipe Android phones

Firefox hardens privacy: expanded fingerprint protections

Ludwigshafen Shuts Down City IT After Cyberattack

AI-Powered Phishing and Cloud Malware Push Threats

Zoom for Enterprise: close DLL path attacks, move to 6.3.10 today

KONNI abuses Google Find Hub for Android remote wipes

APT37 exploits Google Find Hub to wipe Android phones

Firefox hardens privacy: expanded fingerprint protections

New XCSSET macOS Malware Variant Targets Firefox with Clipper Module

Chrome Remote Code Execution Exposed!! What You Need to Do

How Zombie APIs Resurface and Expand Attack Paths

Herodotus Malware Mimics Human Typing to Evade Detection

Latest _posts

Zoom for Enterprise: close DLL path attacks, move to 6.3.10 today

KONNI abuses Google Find Hub for Android remote wipes

APT37 exploits Google Find Hub to wipe Android phones

Zoom for Enterprise: close DLL path attacks, move to 6.3.10 today

KONNI abuses Google Find Hub for Android remote wipes

APT37 exploits Google Find Hub to wipe Android phones

Firefox hardens privacy: expanded fingerprint protections

Ludwigshafen Shuts Down City IT After Cyberattack

AI-Powered Phishing and Cloud Malware Push Threats

Gemini in Gmail and Drive: Admin Playbook for a Safe Rollout

ClickFix Lures Coach Users to Self-Infect and Bypass Filters

Lost iPhone Smishing: Don’t Tap “We Found Your Phone” Links

UK Scrutinizes Chinese E-Buses After Norway Kill-Switch Tests

You May Have _Missed

Open-Source Projects Exploited by Chinese State-Backed Hackers

GPT-5-Powered Aardvark Automates Vulnerability Fixes

How CVE-2025-59282 Enables Remote Code Execution in IIS

State-Aligned Intrusion at a Telecom Provider: What to Triage First

CISA Warns of MeteoBridge RCE Bug CVE-2025-4008

How Zombie APIs Resurface and Expand Attack Paths

APT37 exploits Google Find Hub to wipe Android phones

Defective block homeowners’ data at risk following cyberattack

Latest posts

You May Have Missed

Latest _posts

You May Have _Missed