Security Bulletin
21 Apr 2025
Biztonsági szemle
DOGE's AI use raises concern among House Dems
U.S. Office of Management and Budget Director Russell Vought has been urged by a group of 48 House Democrats to provide more details regarding unauthorized artificial intelligence usage by the Elon Musk-led Department of Government Efficiency...
21 Apr 2025
Biztonsági szemle
Bruce Schneier tackles AI hype, NSA surveillance, and cyber 'rage fatigue'
Bruce Schneier on security theater, AI snake oil, and the limits of cryptographic morality.
21 Apr 2025
Biztonsági szemle
US indicts Nemesis Market founder over criminal activity
Cybernews reports that dark web marketplace Nemesis Market had its founder Behrouz Parsarad indicted by the U.S.
21 Apr 2025
Biztonsági szemle
Federal charges filed against alleged SmokeLoader malware operator
Alleged SmokeLoader botnet operator Nicholas Moses, also known as "scrublord", has been charged by federal prosecutors with a count of conspiracy to commit fraud and other computer-related activity over the compromise of more than 65,000 individuals'...
21 Apr 2025
Biztonsági szemle
Critical authentication bypass bug impacts Asus routers with AiCloud
ASUS has disclosed that its routers with the AiCloud feature activated are affected by the critical authentication bypass vulnerability, tracked as CVE-2025-2492, which could be leveraged to facilitate unauthorized function execution, Security...
21 Apr 2025
Biztonsági szemle
Google OAuth vulnerability exploited in advanced phishing attack
BleepingComputer reports that Google was discovered by Ethereum Name Service lead developer Nick Johnson to have had an OAuth vulnerability leveraged to facilitate the delivery of a bogus email purporting to be a security alert from the company with...
21 Apr 2025
Biztonsági szemle
Novel SuperCard X MaaS platform leveraged for payment card compromise
Android devices have been targeted with the new SuperCard X malware-as-a-service platform to pilfer funds from payment cards as part of a new scam that also involves social engineering and NFC exploitation, according to The Record, a news site by...
21 Apr 2025
Biztonsági szemle
Massive ongoing US toll fraud underpinned by Chinese smishing kit
Massive ongoing US toll fraud underpinned by Chinese smishing kit Numerous threat actors have been leveraging an SMS phishing kit developed by Chinese threat actor "Wang Duo Yu" to conduct a widespread smishing attack campaign against toll road users...
21 Apr 2025
Biztonsági szemle
Significantly improved XorDDoS malware variant examined
Distributed denial-of-service malware XorDDoS has been enhanced with a more advanced controller as it continued to proliferate around the world from November 2023 to February 2025, according to Cyber Security News.
21 Apr 2025
Biztonsági szemle
It's 2025... so why are obviously malicious advertising URLs still going strong?, (Mon, Apr 21st)
While the old adage stating that âthe human factor is the weakest link in the cyber security chainâ will undoubtedly stay relevant in the near (and possibly far) future, the truth is that the tech industry could â and should â help alleviate...
21 Apr 2025
Biztonsági szemle
ISC Stormcast For Monday, April 21st, 2025 https://isc.sans.edu/podcastdetail/9416, (Mon, Apr 21st)
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
20 Apr 2025
Biztonsági szemle
Wireshark 4.4.6 Released, (Sun, Apr 20th)
Wireshark release 4.4.6 fixes 14 bugs.