Researchers have developed a novel attack that steals user data by injecting malicious prompts in images processed by AI systems before delivering them to a large language model. The method relies on full-resolution images that carry instructions invisible to the human eye but become apparent when the image quality is lowered through resampling algorithms. Developed … Ler mais
U.S. insurance giant Farmers Insurance has disclosed a data breach impacting 1.1 million customers, with BleepingComputer learning that the data was stolen in the widespread Salesforce attacks. Farmers Insurance is a U.S.-based insurer that provides auto, home, life, and business insurance products. It operates through a network of agents and subsidiaries, serving more than 10 … Ler mais
French retailer Auchan is informing that some sensitive data associated with loyalty accounts of several hundred thousand of its customers was exposed in a cyberattack. The company is sending data breach notifications to customers affected by the incident. “We are writing to inform you that Auchan has been the victim of a cyberattack. This attack … Ler mais
Malicious apps with +19M installs removed from Google Play because spreading Anatsa banking trojan and other malware Experts found 77 malicious Android apps with 19M+ installs on Google Play, spreading malware, including the Anatsa (TeaBot) banking trojan. While investigating Anatsa (Tea Bot) banking trojan infections, Zscaler’s ThreatLabsdiscovered seventy-seven malicious Android apps with more than 19 … Ler mais
Seventy-seven malicious Android apps with more than 19 million installs were delivering multiple malware families toGoogle Play users. This malware infiltration was discovered by Zscaler’s ThreatLabs team while investigating a new infection wave with Anatsa (Tea Bot) banking trojan targeting Android devices. While most of the malicious apps (over 66%) included adware components, the most … Ler mais
Os pesquisadores de segurança cibernética descobriram uma campanha persistente, implantando o malware Androidos Spyote, um sofisticado Trojan de acesso remoto (RAT) projetado para vigilância, exfiltração de dados e controle de dispositivos remotos. Esta operação imita as páginas legítimas da loja do Google Play para aplicativos populares do Android, levando os usuários a baixar arquivos APK … Ler mais
Apenas 7 dias restantes para garantir o registro de madrugadores no início Conferência OpenSSL 20257 a 9 de outubro em Praga. O evento reunirá advogados, reguladores, desenvolvedores e empreendedores para explorar questões de segurança e privacidade para todos, em todos os lugares. Os participantes terão a oportunidade de: Conheça as equipes por trás do OpenSSL, … Ler mais
A critical vulnerability in Docker Desktop for Windows and macOS allows compromising the host by running a malicious container, even if theEnhanced Container Isolation (ECI) protection is active. The security issue isa server-side request forgery (SSRF) now identified asCVE-2025-9074, and it received a critical severity rating of 9.3. “A malicious container running on Docker Desktop … Ler mais
A sophisticated malvertising campaign which sought to deploy a variant ofAtomic macOS Stealer (AMOS)has targeted hundreds of organizations. Between June and August 2025, the campaign saw victims diverted to fraudulent macOS help websites and encouraged them to execute a malicious one-line installation command. The aim was for victims to ultimately be infected with the SHAMOS … Ler mais
Um despejo de dados significativo surgiu em ddosecrets.com, supostamente extraído de uma estação de trabalho pertencente a um ator de ameaças que visava organizações na Coréia do Sul e Taiwan. O vazamento, detalhado em um artigo que o acompanha, atribui a atividade ao grupo de ameaças persistentes avançadas norte -coreanas (APT), conhecido como Kimsuky, um … Ler mais
