The Cyber Security Hub™
@TheCyberSecHub
Followers
191K
Following
12K
Media
1K
Statuses
96K
World's Premier Cyber Security Portal™ #cybersecurity #infosec #hacking #tech 📧 [email protected]
Global
Joined October 2016
University of Pennsylvania joins list of victims from Clop's Oracle EBS raid
theregister.com
: Ivy League school warns more than 1,400 people after attackers siphon data via zero-day
0
1
1
Europol nukes Cryptomixer laundering hub, seizing €25M in Bitcoin
theregister.com
: Operation Olympia pulls Swiss servers offline and scoops up 12TB of data in latest crime infrastructure crackdown
1
0
1
Google fixes Android vulnerabilities “under targeted exploitation” (CVE-2025-48633, CVE-2025-48572)
helpnetsecurity.com
Google patches Android vulnerabilities, including CVE-2025-48633 and CVE-2025-48572, which "may be under limited, targeted exploitation".
0
1
0
Microsoft Defender portal outage disrupts threat hunting alerts https://t.co/UVf6Dg0kgw
#Microsoft #Security
bleepingcomputer.com
Microsoft is working to mitigate an ongoing incident that has been blocking access to some Defender XDR portal capabilities for the past 10 hours.
0
0
2
Critical PickleScan Vulnerabilities Expose AI Model Supply Chains https://t.co/EHA6PEXjgE
#cybersecurity #infosec #hacking
infosecurity-magazine.com
3 critical zero-day flaws in PickleScan, affecting Python and PyTorch, allowed undetected attacks
0
0
0
Researchers Capture Lazarus APT's Remote-Worker Scheme Live on Camera
thehackernews.com
Lazarus-linked IT operatives caught using fake hiring, identity theft tools, and ANY.RUN traps to infiltrate Western companies.
0
0
1
GlassWorm Returns with 24 Malicious Extensions Impersonating Popular Developer Tools
thehackernews.com
GlassWorm spreads again using 24 fake extensions across Visual Studio Marketplace and Open VSX, hiding Rust implants & Solana-based C2 to target devs.
0
1
0
Malicious npm Package Uses Hidden Prompt and Script to Evade AI Security Tools
thehackernews.com
Malicious npm package mimics an ESLint plugin, embeds an AI-tricking prompt, and steals environment variables via a post-install script.
0
0
0
Cybercrime Goes SaaS: Renting Tools, Access, and Infrastructure https://t.co/pb7IPB98QS
#Security
bleepingcomputer.com
Cybercrime has fully shifted to a subscription model, with phishing kits, Telegram OTP bots, infostealer logs, and even RATs now rented like SaaS tools. Varonis explains how this "crime-as-a-service"...
0
0
0
Kensington and Chelsea confirms IT outage was a data breach after all
theregister.com
: Borough says attackers copied 'historical' info as three-council cyber woes drag on
0
1
1
ShadyPanda's Seven-Year Campaign Infects 4.3M Chrome and Edge Users https://t.co/FBRSi47ZT3
#cybersecurity #infosec #hacking
infosecurity-magazine.com
Infected 4.3 million Chrome and Edge users via extensions; ShadyPanda exploited browser marketplaces
0
0
0
North Korea lures engineers to rent identities in fake IT worker scheme https://t.co/Ko3N2YVfo1
#Security
bleepingcomputer.com
In an unprecedented intelligence operation, security researchers exposed how North Korean IT recruiters target and lure developers into renting their identities for illicit fundraising.
0
0
0
DPRK's 'Contagious Interview' Spawns Malicious Npm Package Factory
darkreading.com
North Korean attackers have delivered more than 197 malicious packages as part of ongoing state-sponsored activity to compromise software developers.
0
0
0
Forward Edge-AI delivers quantum-safe data diode and earns communications patent
helpnetsecurity.com
Forward Edge-AI announced two major milestones in advancing quantum-resistant communications: the United States Patent and Trademark Office (USPTO) has
0
2
2
Google fixes two Android zero days exploited in attacks, 107 flaws https://t.co/z0RdA8180J
#Security #Google #Mobile
bleepingcomputer.com
Google has released the December 2025 Android security bulletin, addressing 107 vulnerabilities, including two flaws actively exploited in targeted attacks.
0
2
1
Fake Calendly invites spoof top brands to hijack ad manager accounts https://t.co/Cek63wmjLQ
#Security
bleepingcomputer.com
An ongoing phishing campaign impersonates popular brands, such as Unilever, Disney, MasterCard, LVMH, and Uber, in Calendly-themed lures to steal Google Workspace and Facebook business account...
0
2
0
Iran-Linked Hackers Hits Israeli Sectors with New MuddyViper Backdoor in Targeted Attacks
thehackernews.com
MuddyWater is targeting multiple Israeli sectors using its new MuddyViper backdoor, advanced loaders, and credential-stealing tools.
0
0
1
FTC schools edtech outfit after intruder walked off with 10M student records
theregister.com
: Regulator says Illuminate ignored years of warnings, stored kids' data in plain text, and kept districts in the dark
0
0
0
Microsoft: KB5070311 triggers File Explorer white flash in dark mode https://t.co/HGRncFZVbA
#Microsoft
bleepingcomputer.com
Microsoft has confirmed that the KB5070311 preview update is triggering bright white flashes when launching the File Explorer in dark mode on Windows 11 systems.
0
1
1
University of Pennsylvania confirms new data breach after Oracle hack https://t.co/Xwun5wwr0t
#Security
bleepingcomputer.com
The University of Pennsylvania (Penn) has confirmed a new data breach after attackers stole documents containing personal information from its Oracle E-Business Suite servers in August.
0
0
0