Hatty AI

The U.S. Cybersecurity and Infrastructure Security Agency and the Food and Drug Administration have issued alerts regarding the presence of hidden functionality on Contec CMS8000 and Epsimed MN120 patient monitors. The vulnerability, identified as CVE-2025-626, has a CVSS score of 7.7 out of 10. The flaw was reported by CISA along with two other issues.

Cybersecurity researchers have discovered that a malvertising effort is targeting Microsoft advertisers by using fake Google ads to redirect them to phishing sites that can harvest their credentials. Jerome Segura is a senior Microsoft advertising specialist.

Meta-owned WhatsApp said on Friday that it had disrupted an offensive campaign that used spyware to target journalists, civil society members and other targets. Paragon Solutions, an Israeli company, used spyware to launch the campaign that targeted 90 members. The attackers were neutralized by December 2024. In a statement sent to The Guardian, the encrypted

BeyondTrust revealed that it had completed an investigation into the recent cybersecurity incident which targeted some of its Remote Support SaaS instances using a compromised API Key. The company stated that the breach affected 17 Remote Support SaaS clients and that the API keys were used to enable unauthorized entry by resetting the local application

The U.S. Department of Justice and the Dutch Police announced that they had dismantled 39 websites and their servers in an effort to disrupt a network originating from Pakistan of online marketplaces. Operation Heart Blocker is the codename for this action, which occurred on January 29, 2025. The vast majority of these sites sell phishing

A Russian-speaking cybercrime group known as Crazy Evil is linked to more than 10 active social media scams. The scams use a variety of tailored lures in order to deceive and trick victims into installing malware like StealC, Atomic macOS Stealer(aka AMOS), or Angel Drainer. Crazy Evil is a company that specializes in identity fraud,

Security teams are unable to keep up with the rapid growth of attack surfaces. To stay ahead, it is important to know where attackers will strike and what’s most exposed. Prioritizing threats and managing the attack surface from the attacker’s point of view has never been more critical. This is what you should do.

Brazilian Windows users have been targeted by a campaign delivering a banking malware called Coyote. In an analysis published last Thursday, Cara Lin, a researcher at Fortinet FortiGuard Labs, said that the Coyote Banking Trojan could perform a variety of malicious activities including keylogging, screenshot capture, and displaying overlays with phishing to steal sensitive credentials.

Our news radar this week shows that each new tech idea has its own challenges. A hot AI tool has been under surveillance, while law enforcement shuts down online spots that aid cybercriminals. Teams are also busy fixing software bugs which could allow attackers to gain access. Simple steps, such as installing better locks on

The maintainers of the Python Package Index registry (PyPI), have announced a feature that allows package designers to archive a particular project as part efforts to improve supply-chain security. Facundo Tüesca, senior engineer of Trail of Bits said: “Maintainers are now able to archive a project in order to let users know the project will