#SecurityLand

Security Land

@security.land

1 day ago

Hacktivists Use AI Scripts to Launch BlackReaperRAT Attacks The line between hacktivism and extortion is blurring. The "Forbidden Hyena" group is now using AI-generated PowerShell scripts to deploy the BlackReaperRAT, a stealthy new Trojan capable of total sys...

Forbidden Hyena is now using AI-generated code to deploy the BlackReaperRAT against Russian energy & retail sectors.

Read Full Story: www.security.land/ai-crafted-c...

#SecurityLand #CyberSecurity #Russia #ForbiddenHyena #AI #Ransomware #CriticalInfrastructure

Security Land

@security.land

1 day ago

South Korea's ISMS-P Security Certification Under Fire The "Gold Standard" of South Korean cybersecurity is being questioned. After several ISMS-P certified firms suffered massive data leaks, the Ministry of Science and ICT has announced a shift to a "Tec...

A vital lesson for global compliance: Paperwork doesn't stop malicious actors; technical hygiene does.

Read More: www.security.land/south-korea-...

#SecurityLand #Cybersecurity #GeoSphere #SouthKorea #ISMSP #InfoSec #PenetrationTesting #DataBreach

Security Land

@security.land

3 days ago

China Issues Security Alert on OpenClaw AI Agent The Ministry of Industry and Information Technology (MIIT) has issued an urgent warning against the open-source AI agent OpenClaw. Due to severe "default configuration" risks and hijacking flaws, gove...

The OpenClaw autonomous AI agent has achieved explosive growth, but its rapid rise has triggered a major security crisis. China's MIIT and CNCERT have issued urgent warnings.

Read More: www.security.land/china-opencl...

#SecurityLand #GeoSphere #China #OpenClaw #AI #SecurityVulnerability #CVE

CyberTaters

@potato.software

3 days ago

140 suspects, including 74 foreign nationals, were arrested by the Potato Crime Unit of the Istanbul Police Department as they dismantled a sophisticated international Forex fraud ring.

Read More: www.security.land/140-arrested...

#SecurityLand #News #Potatocrime #Turkiye #Istanbul #Forex #Fraud

Security Land

@security.land

3 days ago

140 Arrested in Massive Forex Fraud Raid in Istanbul In a major operation across Istanbul, the Cyber Crime Unit arrested 140 suspects involved in a sophisticated international Forex fraud ring targeting global investors.

140 suspects, including 74 foreign nationals, were arrested by the Cyber Crime Unit of the Istanbul Police Department as they dismantled a sophisticated international Forex fraud ring.

Read More: www.security.land/140-arrested...

#SecurityLand #News #Cybercrime #Turkiye #Istanbul #Forex #Fraud

Security Land

@security.land

3 days ago

Ukraine’s DELTA System Clears Independent Security Review Ukraine’s Ministry of Defense reports that the DELTA situational awareness system successfully passed a rigorous two-month cybersecurity assessment, ensuring the safety of military data and personnel.

Ukraine’s DELTA combat system—including its AI-powered 'Avengers' and 'Vezha' modules—just passed an independent cybersecurity audit with zero deviations from 160+ security standards.

Read More: www.security.land/ukraine-delt...

#SecurityLand #GeoSphere #Government #CyberSecurity #Ukraine #MilTech

Security Land

@security.land

4 days ago

Mandiant 2026 AI Risk Report: Real-World Security Lessons The era of theoretical AI risk is over. Mandiant’s latest research reveals how threat actors are moving from experimentation to execution—and why your defense needs a reality check.

The era of "Theoretical AI Risk" is over. 📉

Mandiant latest report shows threat actors are now operationalizing AI to automate malware and exploit "agentic" workflows.

Read More: www.security.land/mandiant-ai-...

#SecurityLand #EmergingTech #CyberSecurity #ThreatIntel #Mandiant #AI #LLM

Security Land

@security.land

3 weeks ago

Drone Cyber Threats: How to Protect Your Business High fences can't stop a drone. Discover how "aerial payloads" are bypassing traditional perimeters to hack networks and eavesdrop on corporate offices.

A new report from the BSI reveals how drones can be used as mobile hacking hubs to bypass fences and target data centers directly.

Read More: www.security.land/drone-cyber-...

#SecurityLand #BusinessShield #BSI #Germany #CorporateSecurity #DroneAwareness #Cybersecurity #PhysicalSecurity

Security Land

@security.land

1 month ago

Westcon-Comstor Acquires REAL Security in Balkans Expansion Strategic move gives Westcon-Comstor a presence in the region, providing a platform for accelerated growth and shared success.

Westcon-Comstor acquires REAL Security, entering the Balkans cybersecurity market. 8 countries, 20+ years of regional expertise, backed by global reach.

Read More: www.security.land/westcon-coms...

#SecurityLand #Cybersecurity #News #Acquisition #UK #Slovenia #Balkan

Security Land

@security.land

2 months ago

The Cyber Recovery Reality Gap: 2026 CISO Survey Results New comprehensive research from Absolute Security exposes a "recovery reality gap." With 0% of organizations achieving sub-24-hour recovery, the industry is shifting focus from detecting threats to th...

New research from Absolute Security exposes a "recovery reality gap": 0% of CISOs surveyed could restore operations within 24 hours of an attack.

Read More: www.security.land/the-24-hour-...

#SecurityLand #BusinessShield #CyberSecurity #CISO #MTTR #AbsoluteSecurity #CyberResilience #CyberDefense

Security Land

@security.land

2 months ago

WEF 2026: NCSC Warns of Increased Cyber Risks With the World Economic Forum approaching, the NCSC is warning of a surge in cyber disruptions. From DDoS attacks to credential theft, here are the essential steps the Swiss government recommends for ...

The Swiss National Cyber Security Centre (NCSC) has issued a strategic alert ahead of the World Economic Forum (WEF) 2026. Check the NCSC’s latest recommendations to stay protected.

Read More: www.security.land/wef-2026-ncs...

#SecurityLand #News #NCSC #WEF26 #CyberSecurity #Switzerland #DDoS

Security Land

@security.land

2 months ago

Kowa Emori Ransomware Attack Disrupts Operations Kowa Emori, a Japanese chemical and electronics materials trading company, disclosed a ransomware attack on January 7, 2026, that knocked out email systems and caused delays in order processing and sh...

Japanese chemical trader Kowa Emori hit by ransomware January 7. Orders and shipments delayed, no confirmed data breach yet.

Read More: www.security.land/japanese-che...

#SecurityLand #DataBreach #Ransomware #Kowa #Emori #Japan #RansomwareAttack #SupplyChain

Security Land

@security.land

2 months ago

CVE-2025-14558: FreeBSD IPv6 Vulnerability Allows RCE A critical vulnerability in FreeBSD's IPv6 auto-configuration feature (CVE-2025-14558) scores 9.8/10 and allows attackers on the same network to execute arbitrary commands with a single malicious pack...

FreeBSD CVE-2025-14558: 9.8-severity IPv6 flaw lets attackers execute code via crafted packets. Patched Dec 16, but PoC exploits dropped 2 weeks ago.

Read More: www.security.land/freebsd-ipv6...

#SecurityLand #CyberWatch #FreeBSD #Cybersecurity #IPv6 #CVE #Vulnerability

Security Land

@security.land

2 months ago

2025 Cyber Year in Review: AI Attacks, Breaches & Takedowns From React2Shell's perfect CVSS 10.0 score to the first autonomous AI cyberattack, 2025 pushed cybersecurity to its limits. This comprehensive analysis covers the top 10 breaches, critical vulnerabili...

2025 cyber recap: React2Shell hit CVSS 10.0, the first AI attack emerged, but only 23% paid ransoms. Law enforcement seized $320M across 20 operations.

Read More: www.security.land/2025-cyberse...

#SecurityLand #News #Cybersecurity #InfoSec #Ransomware #AI #DataBreach #CISO #LawEnforcement #CVE

Security Land

@security.land

2 months ago

MongoBleed CVE-2025-14847: Is Your MongoDB Exposed? Dubbed "MongoBleed," CVE-2025-14847 allows unauthenticated attackers to exfiltrate sensitive data from MongoDB heap memory. With 87,000 instances exposed, active exploitation is now confirmed.

A high-severity flaw known as MongoBleed (CVE-2025-14847) is currently being exploited in the wild. Wiz researchers have confirmed active exploitation.

Read More: www.security.land/mongobleed-a...

#SecurityLand #CyberSecurity #InfoSec #MongoDB #MongoBleed #DatabaseSecurity #Wiz #Shodan

CyberTaters

@potato.software

2 months ago

Socket researchers uncover 27 npm packages used as phishing infrastructure targeting manufacturing and healthcare sectors.

Read More: www.security.land/npm-registry...

#SecurityLand #ThreatHorizon #Potatosecurity #Research #NPM #Phishing #CriticalInfrastructure #AiTM #Spearphishing #Dev

Security Land

@security.land

2 months ago

npm Registry Abused for Targeted Spearphishing Campaign A five-month spearphishing operation has transformed the npm registry into a durable hosting layer for AiTM credential theft, specifically targeting sales teams in the manufacturing and healthcare ind...

Socket researchers uncover 27 npm packages used as phishing infrastructure targeting manufacturing and healthcare sectors.

Read More: www.security.land/npm-registry...

#SecurityLand #ThreatHorizon #Cybersecurity #Research #NPM #Phishing #CriticalInfrastructure #AiTM #Spearphishing #Dev

Security Land

@security.land

2 months ago

Nissan Japan Data Breach: 21,000 Customers Affected Nissan Motor Co. confirms a data breach affecting 21,000 customers in Japan following a security incident at third-party vendor Red Hat. No financial data was stolen.

Nissan Motor Co. confirms a data breach affecting 21,000 customers in Japan following a security incident at third-party vendor Red Hat. No financial data was stolen.

Read More: www.security.land/nissan-japan...

#SecurityLand #Cybersecurity #DataBreach #RedHat #Nissan #Japan #CrimsonCollective

Security Land

@security.land

2 months ago

The Hypervisor Blind Spot: Securing the Virtualization Layer As endpoint detection matures, attackers have moved "down the stack." Discover why hypervisor breaches have tripled in late 2025 and how to bridge the visibility gap.

Data from Huntress & CSA shows hypervisor ransomware tripled in 2025. EDR is blind at this layer. We break down the "Inside-Out" crisis and how "Ghost VMs" evade detection.

#SecurityLand #ExpertDecode #CyberSecurity #Infosec #CloudSecurity #Huntress #ThreatIntel #Ransomware #Virtualization

Security Land

@security.land

2 months ago

NuGet Malware Targets Crypto Wallets in Multi-Month Attack Security researchers uncovered 14 malicious NuGet packages that impersonated legitimate cryptocurrency tools to steal funds and OAuth tokens. The campaign ran undetected from July through October 2025...

14 fake crypto packages hid on NuGet for 4 months, stealing wallet keys and redirecting transactions. They looked legit—copied real codebases, inflated downloads to millions.

#SecurityLand #CyberWatch #Malware #Blockchain #Crypto

Read More: www.security.land/crypto-theft...

Security Land

@security.land

2 months ago

NPM Malware Steals WhatsApp Messages: 56K Downloads of Lotusbail Researchers at Koi Security have uncovered a malicious npm package that stole WhatsApp credentials and messages while functioning perfectly as a legitimate API library. The lotusbail package accumulat...

Koi Security research team uncovered something that should concern every developer using npm: a WhatsApp API package with 56,000 downloads that steals everything passing through it.

#SecurityLand #CyberWatch #NPM #WhatsApp #Koi

Read More: www.security.land/whatsapp-ste...

Security Land

@security.land

2 months ago

Iran-Linked Hackers Target Israeli Drone Engineers With Bounties The Handala hacking group claims to have exposed 14 Israeli engineers working on drone programs, offering $30,000 rewards for each. The threats follow attacks on politicians including Bennett, whose T...

The Handala group claims to have identified 14 Israeli engineers working on military drone programs—and placed $30,000 bounties on each of them. Israeli security sources haven't verified the breach.

#SecurityLand #GeoSphere #Cybersecurity #Israel #Iran

Read More: www.security.land/iranian-hack...

Security Land

@security.land

2 months ago

The NCS Guide 2025 is here, and it finally solves the funding gap. With a new 6-phase lifecycle and a mandate for Quantum/AI foresight, this is the definitive playbook for digital sovereignty.

#SecurityLand #BusinessShield #CyberSecurity #NCS2025

Read More: www.security.land/ncs-guide-20...

Security Land

@security.land

2 months ago

SHADOW-VOID-042: Cybercriminals Fake Trend Micro Alerts A sophisticated threat actor with possible links to Russian hybrid-threat groups impersonated Trend Micro security advisories to target defense contractors, energy companies, and cybersecurity firms. ...

A sophisticated threat actor with possible links to Russian hybrid-threat groups impersonated Trend Micro security advisories.

#SecurityLand #ThreatHorizon #APT #TrendMicro #ShadowVoid042 #Cybercrime #SpearPhishing

Read More: www.security.land/shadow-void-...

Security Land

@security.land

2 months ago

Inside CVE-2025-14733: The Unauthenticated RCE Hitting WatchGuard Firewalls Analysis of CVE-2025-14733, a critical WatchGuard Firebox vulnerability. Learn why unauthenticated RCE persists even after deleting vulnerable VPN configurations.

Security administrators worldwide are rushing to patch a critical security vulnerability in WatchGuard Firebox appliances tracked as CVE-2025-14733.

#SecurityLand #CyberWatch #ZeroDay #Watchguard #SecurityVulnerability #Firewall #CVE

Read More: www.security.land/watchguard-c...

Security Land

@security.land

2 months ago

UAT-9686 Chinese APT Targets Cisco Email Security Appliances Chinese threat actor UAT-9686 deploys AquaShell backdoor on Cisco Secure Email Gateway appliances with custom persistence.

Chinese threat actor UAT-9686 has been compromising Cisco email security systems since late November with a custom backdoor called AquaShell.

#SecurityLand #ThreatHorizon #Cisco #UAT9686 #EmailSecurity #APT #China

Read More: www.security.land/uat-9686-chi...

Security Land

@security.land

2 months ago

Firefox Extensions Hide Malware in PNG Files: 50K Users Hit Security researchers discover 17 Firefox extensions using PNG steganography to hide multi-stage malware affecting 50,000+ users.

Security researchers from Koi have uncovered 17 malicious Firefox extensions hiding multi-stage malware inside PNG logo files, affecting 50,000+ users.

#SecurityLand #ThreatHorizon #Steganography #Malware #PNG #BrowserSecurity #Cybersecurity

Read More: www.security.land/firefox-exte...

Security Land

@security.land

2 months ago

China's AI Censorship Systems Revealed in ASPI Report ASPI exposes how Chinese LLMs systematically censor images and text while AI powers mass surveillance across justice systems.

ASPI tested Chinese LLMs with 200 politically sensitive images. Censorship embedded in training data + provider filters, not just keywords.

#SecurityLand #GeoSphere #ASPI #Research #Australia #China #AI #LLM

Read More: www.security.land/china-ai-sur...

Security Land

@security.land

2 months ago

ISC2 2025 Workforce Study: Skills Shortages Drive 88% of Security Incidents ISC2 study reveals 88% of organizations faced security incidents due to skills gaps. Analysis of workforce challenges and AI impact.

2025 Cybersecurity Workforce Study by ISC2 surveyed 16,029 professionals globally and found that 88% of organizations experienced security incidents directly caused by skills deficits in the past year.

#SecurityLand #News #Research #ISC2 #Cybersecurity

Read More: www.security.land/isc2-2025-wo...

Security Land

@security.land

2 months ago

Censys Reveals Rapid Server Rotation Behind NoName057(16) Attacks Censys research reveals DDoSia control servers last avg 2.5 days, with 6 active at any time. Analysis of pro-Russian DDoS infrastructure.

New infrastructure analysis from Censys reveals how the pro-Russian hacktivist group NoName057(16) maintains DDoSia operations through rapid server rotation.

#SecurityLand #ThreatHorizon #Research #Censys #DDoSia #DDoS #DDoSAttack #NoName057

Read More: www.security.land/ddosia-infra...