Australian banks are now using bots to combat scammers. These bots mimic potential victims to gather real-time information and drain scammers’ resources. The collected data is sent to fraud detection systems used by banks, telecom companies, and government agencies. On June 27, Commonwealth Bank of Australia launched 10,000 AI bots …
Read More »
The Villager framework, an AI-powered penetration testing tool, integrates Kali Linux tools with DeepSeek AI to automate cyber attack processes. Developed by the Chinese group Cyberspike, it was released on the Python Package Index in July 2025 and quickly gained over 10,000 downloads in two months. Villager marks a major …
Read More »
Albania has appointed the first AI-generated government minister to help eliminate corruption. Diella, the digital assistant meaning Sun, has been helping people use government services online since January. On Thursday, Prime Minister Edi Rama introduced a new digital minister to his cabinet. “Diella is the first [government] member who is …
Read More »
On September 1, 2025, Qrator Lab identified and managed a major attack from the largest L7 DDoS botnet seen so far, targeting a government organization. A total of 5.76 million IP addresses were blocked. Qrator Labs has been tracking a botnet for months. The first attack occurred on March 26, …
Read More »
Investigations into the Nx “s1ngularity” NPM supply chain attack have unveiled a massive fallout, with thousands of account tokens and repository secrets leaked. According to a post-incident evaluation by Wiz researchers, the Nx compromise has resulted in the exposure of 2,180 accounts and 7,200 repositories across three distinct phases. Wiz …
Read More »
Security researchers found that three unauthorized TLS certificates were issued in May 2025 for 1.1.1.1, the public DNS service operated by Cloudflare. Improperly issued certificates by the Fina RDC 2020 authority could let attackers intercept and decrypt DNS queries, revealing users’ browsing habits. However, if a malicious or unauthorized party …
Read More »
Palo Alto Networks suffered a data breach that exposed customer data and support cases after attackers abused compromised OAuth tokens from the Salesloft Drift breach to access its Salesforce instance. The company states that it was one of hundreds of companies affected by a supply-chain attack disclosed last week, in …
Read More »
A viral story claims that Google has warned all 2.5 billion Gmail users about account risks due to a recent Salesforce breach, but this is false; no such warning exists. Google has now responded, that “unfortunately, several inaccurate claims surfaced this week incorrectly claiming we issued a broad warning to …
Read More »
Domains aimed at capitalizing on the FIFA Club World Cup 2025 in the U.S. have been discovered, signaling preparations for the upcoming 2026 World Cup. PreCrime Labs from BforeAI, a cybersecurity firm focused on proactive threat prevention, reports that many domains for the FIFA World Cup 2026 have already been registered …
Read More »
A new Android malware called SikkahBot is targeting students in Bangladesh by pretending to be official apps from the Bangladesh Education Board. Cyble Research and Intelligence Labs (CRIL) found that this malware has been active since July 2024. According to CRIL, the SikkahBot malware is distributed through shortened URLs, including …
Read More »
InfoSecBulletin Cybersecurity for mankind