1
The Hacker News
•
12 hours ago
Threat hunters have disclosed two different malware campaigns that have targeted vulnerabilities and misconfigurations across cloud environments to deliver cryptocurrency miners.
The threat activity clusters have been codenamedSoco404andKoskeby cloud security firms Wiz and Aqua, respectively.
Soco404 "targets both Linux and Windows systems, deploying platform-specific malware," Wiz researchers Maor Dokhanian, Shahar Dorfman, and Avigayil Mechtingersaid. "They use process masquerading to disguise
2
Cybersecurity News
•
14 hours ago
Attackers are weaponizing India’s appetite for mobile banking by circulating counterfeit Android apps that mimic the interfaces and icons of public-sector and private banks. Surfacing in telemetry logs on 3 April 2025, the impostors travel through smishing texts, QR codes and -engine poisoning, tricking users into sideloading the packages. During the initial execution window, a […]
3
Finextra Security
•
8 hours ago
From Friction to Function: Optimising Onboarding in an Age of AML, AI and Rising Risk
Join this webinar, hosted in association with nCino, to the challenges of commercial onboarding, particularly in the context of increasing regulations like the EU AML Directive and an emphasis on the importance of data strategy, AI, and streamlining Client Lifecycle Management (CLM).
How can banks scale AML compliance in an increasingly complex and high-risk environment without compromising the commercial clien
4
SecurityWeek
•
4 days ago
Microsoft has started releasing updates to fix the exploited SharePoint zero-days tracked as CVE-2025-53770 and CVE-2025-53771.
5
SecurityWeek
•
11 hours ago
An authentication bypass vulnerability in Mitel MiVoice MX-ONE could allow attackers to access user or admin accounts on the system.