Author: Staff Writer

John Marcelli is a staff writer for the CISO Brief, with a passion for exploring and writing about the ever-evolving world of technology. From emerging trends to in-depth reviews of the latest gadgets, John stays at the forefront of innovation, delivering engaging content that informs and inspires readers. When he's not writing, he enjoys experimenting with new tech tools and diving into the digital landscape.

Summary Points
Google’s Lawsuit: Google has sued the anonymous operators of the BadBox 2.0 malware botnet, accusing them of orchestrating a global ad fraud scheme targeting its advertising platforms.
Malware Operation: The BadBox 2.0 botnet exploits infected Android Open Source Project (AOSP) devices, including smart TVs and streaming devices, through methods such as modifying operating systems and tricking users into installing malicious apps.
Ad Fraud Tactics: The botnet generates fraudulent revenue through hidden ad rendering, invisible game site interactions, and search ad click fraud, involving over 10 million infected devices globally.
Legal Action & Impact: Google seeks damages and an…

falcon-mcp and AI Red Team Services now available in new AI Agents and Tools category of AWS Marketplace
CrowdStrike announced an expanded collaboration with Amazon Web Services (AWS) to accelerate AI adoption in cybersecurity and secure AI use. With the availability of falcon-mcp, an MCP server for the CrowdStrike Falcon platform, and CrowdStrike AI Red Team Services in the new AI Agents and Tools category of AWS Marketplace, AWS customers can securely operationalize agentic AI workflow integrations, and test, validate, and protect GenAI systems – all within their existing AWS environment. AI adoption is accelerating, yet most enterprises still lack secure, scalable ways to connect models to…

Quick Takeaways
Malicious GitHub Exploitation: Threat actors are using fake GitHub accounts to host malicious payloads and distribute malware via Amadey, leveraging public repositories to evade detection and facilitate attacks since April 2025.
MaaS Operations and Malware Loader: The campaign involves a malware loader called Emmenhtal, which delivers Amadey and other harmful payloads, alongside tools like Lumma and RedLine Stealer, highlighting a sophisticated infrastructure for malware operations.
Phishing Campaigns and Diverse Threats: Related phishing campaigns employ tactics such as invoice lures and QR codes to distribute malware like CHAINVERB and various remote access tools, posing significant threats to targeted organizations…

Immersive, the leader in people-centric cybersecurity, announced its Immersive One AI-powered Lab Builder feature to give customers and partners powerful new ways to rapidly improve cyber skills across teams through customized labs and learning experiences. With this new tool supporting Immersive’s Prove, Improve, Benchmark, and Report (PIBR) approach, cyber leaders will be able to easily create hands-on exercises and simulations for their technical workforce, including offensive, defensive, and secure-coding-based simulations to improve readiness against real-world threats. With the majority of cyber attacks involving the human element and costing global organizations an average of $4.88 million annually, the need to continuously prove and improve…

Essential Insights
A global malware attack could compromise about 25% of computer systems, with 15% facing total infection, according to CyberCube and Munich Re.
Major cloud outages could last 72 hours, costing companies roughly 1% of their annual revenue for a single-day disruption.
Internet-of-things devices and AI language models are identified as significant new cybersecurity risks.
The study emphasizes the need for improved patch management and data backup strategies, with potential to reduce infection impact by 50% to 80%.
The Rising Threat of Cyber Events
A recent study highlights the alarming potential of a global malware attack. Researchers estimate such…

Only vendor to earn highest scores in Key Features and Business Criteria, recognized for breakthrough agentic AI innovation
CrowdStrike announced it has been named both the Leader and Fast Mover in the 2025 GigaOm Radar for Security Information and Event Management (SIEM). The report recognized CrowdStrike as the most Innovative and complete Platform Play, and the only vendor to earn the highest scores across both Key Features and Business Criteria. With perfect 5/5 scores in key criteria including Attack Surface Coverage, LLM-Based Co-Pilot and Agents, Automation, and Threat Research Units, this recognition cements CrowdStrike Falcon Next-Gen SIEM as the foundation of the AI-native SOC…

Quick Takeaways
Critical Vulnerability: Hackers are exploiting a severe SQL injection flaw in Fortinet’s FortiWeb Fabric Connector, tracked as CVE-2025-25257, allowing unauthorized SQL code execution via crafted HTTP/HTTPS requests.
Active Exploitation: Shadowserver Foundation reported a drop in compromised FortiWeb instances from 85 to 49, indicating ongoing exploitation since July 11.
Urgent Mitigation Required: Experts emphasize the need for immediate patches or complete disabling of the affected web interface to counter the critical risk.
Importance of the Connector: The FortiWeb Fabric Connector is crucial for integrating various Fortinet products, underscoring the potential for severe impacts if the vulnerability is not addressed…

Fast Facts
BigONE Hack Details: Hackers stole $27 million in digital assets from cryptocurrency exchange BigONE, affecting a portion of its hot wallet, but private keys and user data were not compromised.
User Reimbursements: The exchange has pledged to reimburse affected customers from its reserves and reported that deposit and trading services have been restored shortly after the attack.
Investigation Insights: The incident was identified as a supply-chain attack, with tracking of stolen funds facilitated by security firm SlowMist; hackers have laundered the assets into 120 Bitcoin and other cryptocurrencies.
Rising Crypto Theft: According to Chainalysis, over $2.17 billion has…

SecurityScorecard announced its inclusion in the new AI Agents and Tools category of AWS Marketplace. Customers can now use AWS Marketplace to easily discover, buy, and deploy AI agent solutions, including SecurityScorecard’s Supply Chain Detection and Response (SCDR) solution using their AWS accounts, accelerating agent and agentic workflow development. SecurityScorecard helps organizations proactively detect third-party cyber risks, prioritize remediation efforts and accelerate supply chain incident response, enabling customers to dramatically reduce risk across their vendor ecosystems while improving compliance and reducing operational overhead. “By offering SecurityScorecard in the AWS…

Top Highlights
Prolonged Breach: The Chinese hacking group Salt Typhoon infiltrated a U.S. Army National Guard network for nine months, from March to December 2024, stealing valuable network configuration files and administrator credentials.
Affiliation and Methods: Linked to China’s Ministry of State Security, Salt Typhoon is notorious for exploiting vulnerabilities in Cisco and Palo Alto Networks devices, utilizing flaws such as CVE-2018-0171 and CVE-2023-20198 to conduct cyber intrusions.
Data Theft Impact: The group has exfiltrated 1,462 network configuration files from about 70 U.S. government and critical infrastructure entities, which could facilitate further cyber attacks on vulnerable networks across states.
Official…