ThreatsHub Cybersecurity News

Election infosec advisory agency also shuttered A penetration tester who worked at the US govt’s CISA claims his 100-strong team was dismissed after Elon Musk’s Trump-blessed DOGE unit cancelled a contract – and that more staff at the cybersecurity agency have also been let go.… READ MORE HERE…

The Register

March 11, 2025 TH Author

‘Uber for nurses’ exposes 86K+ medical records, PII in open S3 bucket for months

Non-password-protected, unencrypted 108GB database … what could possibly go wrong Exclusive More than 86,000 records containing nurses’ medical records, facial images, ID documents and more sensitive info linked to health tech company ESHYFT was left sitting in a wide-open misconfigured AWS S3 bucket for months — or possibly even longer — before it was closed it last week.… READ MORE HERE…

Microsoft Secure

March 11, 2025 TH Author

New XCSSET malware adds new obfuscation, persistence techniques to infect Xcode projects

Microsoft Threat Intelligence has uncovered a new variant of XCSSET, a sophisticated modular macOS malware that infects Xcode projects, in the wild. Its first known variant since 2022, this latest XCSSET malware features enhanced obfuscation methods, updated persistence mechanisms, and new infection strategies. These enhanced features help this malware family steal and exfiltrate files and system and user information, such as digital wallet data and notes, among others.
The post New XCSSET malware adds new obfuscation, persistence techniques to infect Xcode projects appeared first on Microsoft Security Blog. READ MORE HERE…

ZDNet | Security

March 11, 2025 TH Author

How to disable ACR on your TV (and stop companies from spying on you)

With smarter TV operating systems come new privacy risks. One key feature to watch out for is automatic content recognition (ACR) – a tool that tracks your viewing habits.READ MORE HERE…

ZDNet | Security

March 11, 2025 TH Author

When you should use a VPN – and when you shouldn’t

Using a VPN 24/7 isn’t always the best idea. Here’s why.READ MORE HERE…

The Register

March 11, 2025 TH Author

MINJA sneak attack poisons AI models for other chatbot users

Nothing like an OpenAI-powered agent leaking data or getting confused over what someone else whispered to it AI models with memory aim to enhance user interactions by recalling past engagements. However, this feature opens the door to manipulation.… READ MORE HERE…

ZDNet | Security

March 11, 2025 TH Author

The best VPN trials of 2025: Expert tested and reviewed

Interested in a VPN, but don’t want to part with any money yet? We’ve found the best VPN free trials to test out a range of solutions before you commit.READ MORE HERE…

TrendMicro

March 11, 2025 TH Author

AI-Assisted Fake GitHub Repositories Fuel SmartLoader and LummaStealer Distribution

In this blog entry, we uncovered a campaign that uses fake GitHub repositories to distribute SmartLoader, which is then used to deliver Lumma Stealer and other malicious payloads. The campaign leverages GitHub’s trusted reputation to evade detection, using AI-generated content to make fake repositories appear legitimate. Read More HERE…

The Register

March 10, 2025 TH Author

Google begs owners of crippled Chromecasts not to hit factory reset

Expired SSL cert kerfuffle leaves second-gen, Audio gadgets useless Google’s second-generation Chromecast and its Chromecast Audio are suffering a major ongoing outage, with devices failing to cast due to an expired security certificate. The web giant is aware of the breakdown and says a fix is in the works.… READ MORE HERE…

ZDNet | Security

March 10, 2025 TH Author

6 obscure browsers that are better than Chrome

These alternative browsers are free to try, so you have nothing to lose – except maybe your Chrome addiction.READ MORE HERE…

Cyber Security Trending News

AI killed the cloud-first strategy: Why hybrid computing is the only way forward now

CISA worker says 100-strong red team fired after DOGE cancelled contract

‘Uber for nurses’ exposes 86K+ medical records, PII in open S3 bucket for months

New XCSSET malware adds new obfuscation, persistence techniques to infect Xcode projects

How to disable ACR on your TV (and stop companies from spying on you)

When you should use a VPN – and when you shouldn’t

MINJA sneak attack poisons AI models for other chatbot users

The best VPN trials of 2025: Expert tested and reviewed

AI-Assisted Fake GitHub Repositories Fuel SmartLoader and LummaStealer Distribution

Google begs owners of crippled Chromecasts not to hit factory reset

6 obscure browsers that are better than Chrome