Storm-2603 exploits Microsoft SharePoint flaws to deploy dual ransomware in APAC and Latin America.
Category: cybercrime/malcode
Experts Detect Multi-Layer Redirect Tactic Used to Steal Microsoft 365 Login Credentials
A third variation of these attacks impersonates Teams in emails, claiming that they have unread messages and that they can click on the “Reply in Teams” button embedded in the messages to redirect them to credential harvesting pages.
“By cloaking malicious destinations with legitimate urldefense[.]proofpoint[.]com and url[.]emailprotection URLs, these phishing campaigns’ abuse of trusted link wrapping services significantly increases the likelihood of a successful attack,” Cloudflare said.
When contacted by The Hacker News for comment, Proofpoint said it’s aware of threat actors abusing URL redirects and URL protection in ongoing phishing campaigns, and that it’s a technique the company has observed from multiple security service providers who provide similar email protection or URL rewrite solutions, such as Cisco and Sophos.
Hackers target Python devs in phishing attacks using fake PyPI site
The Python Software Foundation warned users this week that threat actors are trying to steal their credentials in phishing attacks using a fake Python Package Index (PyPI) website.
PyPI is a repository for Python packages, accessible at pypi.org, that offers a centralized platform for developers to distribute and install third-party software libraries. It hosts hundreds of thousands of packages and is the default source for Python’s package management tools.
“PyPI has not been hacked, but users are being targeted by a phishing attack that attempts to trick them into logging in to a fake PyPI site. Over the past few days, users who have published projects on PyPI with their email in package metadata may have received an email titled ‘[PyPI] Email verification’ from the email address [email protected],” the PyPI admin Mike Fiedler cautioned.
Kali Linux can now run in Apple containers on macOS systems
“We recommend reading and following Apple’s advice if you run into these issues.”
Cybersecurity professional Taha Ex also warns that some Kali use cases that require hardware passthrough will not work due to the container being isolated from hardware.
Microsoft to disable Excel workbook links to blocked file types
Microsoft has announced that it will start disabling external workbook links to blocked file types by default between October 2025 and July 2026.
After the rollout, Excel workbooks referencing blocked file types will display a #BLOCKED error or fail to refresh, eliminating security risks associated with accessing unsupported or high-risk file types, including, but not limited to, phishing attacks that utilize workbooks to redirect targets to malicious payloads.
This change is being introduced as a new FileBlockExternalLinks group policy, which expands File Block Settings to include external workbook links.
The Growing Impact Of AI And Quantum On Cybersecurity
#ArtificialIntelligence #CyberSecurity #QuantumComputing
The transformative effects of emerging technologies in this year by artificial intelligence and quantum computing will be hugely impactful; however, their cybersecurity challenges on society will require the need for proactive security adaptation and collaboration to mitigate new threats.
AI agent autonomously solves complex cybersecurity challenges using text-based tools
Artificial intelligence agents—AI systems that can work independently toward specific goals without constant human guidance—have demonstrated strong capabilities in software development and web navigation. Their effectiveness in cybersecurity has remained limited, however.
That may soon change, thanks to a research team from NYU Tandon School of Engineering, NYU Abu Dhabi and other universities that developed an AI agent capable of autonomously solving complex cybersecurity challenges.
The system, called EnIGMA, was presented this month at the International Conference on Machine Learning (ICML) 2025 in Vancouver, Canada.
