Grok 3: “Adolf Hitler è un Benefattore tedesco”! Il rischio della memoria persistente e disinformazione

Link all'articolo : https://www.redhotcyber.com/post/grok-3-adolf-hitler-e-un-benefattore-tedesco-il-rischio-della-memoria-persistente-e-disinformazione/

Ready to go beyond academic theory and into real-world AI security testing?

Join Jason Haddix on November 4–5 at OWASP Global AppSec USA 2025 for a 2-day, hands-on training: Attacking AI.

This intermediate-level course is packed with case studies, real methodologies, and tactics drawn from Arcanum’s cutting-edge AI assessments.

REGISTER: https://owasp.glueup.com/event/131624/register/

Possible Phishing
on: hxxps[:]//tinyurl[.]com/bdhad33a
Analysis at: https://urldna.io/scan/6874eb2e3b7750000a095755
#cybersecurity #phishing #infosec #urldna #scam #infosec

MoonPay executives lose $250,300 in shocking crypto scam, raising serious concerns about digital asset security and insider targeting. #MoonPay #CryptoScam #CryptoNews #BlockchainFraud #DigitalAssets #CyberSecurity #CryptoHack #ScamAlert #Web3 #CryptoLoss #MoonPayScam
https://meyka.com/blog/moonpay-executives-fall-victim-to-250300-crypto-scam/

Major Linux distros are scrambling after researchers uncovered critical #sudo flaws . These bugs, present since 2013, let local attackers gain root access and run any files. Patches are out—admins should update ASAP! #Linux #CyberSecurity #newz

Read more: https://www.techradar.com/pro/security/several-major-linux-distros-hit-by-serious-sudo-security-flaws

Spain awards Huawei a €12.3M contract to store and manage police wiretaps, sparking debate over national security and strategic contradictions . While banned from 5G, Huawei now handles sensitive data for law enforcement. #Huawei #Spain #Cybersecurity #newz

https://www.techradar.com/pro/security/the-spanish-government-wants-huawei-to-monitor-for-system-wiretaps

Hackers are spreading **malware** disguised as a "free VPN" on GitHub, targeting gamers & privacy-seekers! The fake VPN drops Lumma Stealer straight into your system. Always verify downloads and avoid unofficial software. Stay safe! #Cybersecurity #Malware #VPN #newz

https://www.techradar.com/pro/criminals-are-using-a-dangerous-fake-free-vpn-to-spread-malware-via-github-heres-how-to-stay-safe

Threat Actors Use Sophisticated Hacking Tools to Destroy Organizations Critical Infrastructure https://cybersecuritynews.com/threat-actors-use-sophisticated-hacking-tools/ #CyberSecurityNews #cybersecuritynews #cybersecurity #Threats

Possible Phishing
on: hxxps[:]//srtycuiksdjldfyujew-easdyufyaifysduyjkqefhads[.]teemill[.]com
Analysis at: https://urldna.io/scan/6874ef3c3b7750000a095778
#cybersecurity #phishing #infosec #urldna #scam #infosec

Louis Vuitton Just Got Hacked. Again.

High-end doesn’t mean high security — and this breach proves it.

#Monday Tip:
If your login system still allows weak passwords or reused credentials, fix it today.
#CyberSecurity #DataBreach #LuxuryRetail #EDR #ZeroTrust #LouisVuitton

Another phishing email going around, targeting #netcup users

email comes from

contact [at] anghelhotel [dot] com

Domain registered 2012 so who knows why it's getting routed data like this now.

The phishing link in the email leads to:

hxxp://12229530 [dot] sophrologie-arles [dot] com/?id=$YOUR_DOMAIN

where $YOUR_DOMAIN is your registered domain/website that is hosted on netcup. Rather, the domain doesn't have to be managed DNS wise by netcup, just hosted on a netcup IP.

Another reference:
https://lowendtalk.com/discussion/comment/4469840/#Comment_4469840

#Cybersecurity hat nicht nur mit Finanzmitteln zu tun - aber auch:

Das #BSI-Budget betrug 2024 238 Mio. EUR, 2025 sollen aus dem BMI-Etat 231 Mio. EUR an das BSI gehen.

Schon jetzt dürfte fraglich sein, ob das BSI in der Lage ist, sämtliche ihm übertragenen Aufgaben in gleicher Intensität und Güte zu erfüllen - mit der nationalen Umsetzung von #NIS2 und perspektivisch dem EU CRA dürften die benötigten Ressourcen gegenüber dem gegenwärtigen Stand noch deutlich wachsen:

https://www.behoerden-spiegel.de/2025/07/11/milliarden-fuer-digitalisierung-aber-bsi-muss-sparen/

GPUHammer: Attacchi hardware sulle GPU NVIDIA portano alla compromissione dei modelli di AI

Link all'articolo : https://www.redhotcyber.com/post/gpuhammer-attacchi-hardware-sulle-gpu-nvidia-portano-alla-compromissione-dei-modelli-di-ai/

The 2023 National Cybersecurity Strategy Implementation Plan reshapes how the U.S. defends against digital threats—from secure‑by‑design software to private‑sector accountability.

In our new white paper, we explore how public-private partnerships and emerging tech drive (or hinder) progress.

Read more → https://mercurysecurity.io/navigating-public-private-partnerships-and-emerging-technologies/

Critical buffer overflow flaw reported in D-Link DIR-825 routers

Security researchers have discovered a critical stack-based buffer overflow vulnerability in D-Link DIR-825 Rev.
When the router processes subsequent requests to ASP pages containing specific script tags, the stored language value is retrieved and processed through multiple functions, ultimately leading to a stack overflow condition.
js”></script> is requested, the router attempts to process the stored language value, leading to a stack overflow in the sub_40bFC4 function.
The researcher provided a detailed proof of concept demonstrating the vulnerability’s exploitation.
cgi with a carefully crafted payload containing an extremely long language parameter value.

**If you have a D-Link DIR-825 router, isolate its web interface from any public networks and block external access since this model is no longer supported with security updates. Consider replacing the router since it won't be getting any patches. And other flaws will be found.**
#cybersecurity #infosec #advisory #vulnerability
https://beyondmachines.net/event_details/critical-buffer-overflow-flaw-reported-in-d-link-dir-825-routers-4-f-1-t-h/gD2P6Ple2L

Possible Phishing
on: hxxp[:]//lombado411[.]github[.]io/onyeka/doc[.]html
Analysis at: https://urldna.io/scan/6874e7423b77500010a6f66a
#cybersecurity #phishing #infosec #urldna #scam #infosec

Attackers are weaponizing GitHub to deliver powerful infostealing malware under the guise of a free VPN.

Read more: https://cnews.link/github-free-vpn-lumma-infostealer-scam-5/
#GitHub #VPN #malware #cybersecurity

Possible Phishing
on: hxxps[:]//atthelpmode[.]wixsite[.]com/my-site-1
Analysis at: https://urldna.io/scan/6874e7353b77500010a6f636
#cybersecurity #phishing #infosec #urldna #scam #infosec

KongTuke FileFix Leads to New Interlock RAT Variant

Researchers from The DFIR Report, in partnership with Proofpoint, have identified a new and resilient variant of the Interlock ransomware group’s remote access trojan (RAT). This new malware, a shift from the previously identified JavaScript-based Interlock RAT (aka NodeSnake), uses PHP and is being used in a widespread campaign.

Attack Chain
FileFix lure PowerShell Obfuscated PHP RAT

Key Capabilities
Automated Discovery
‣ Enumerates processes, services, ARP tables, and user context

Hands-On-Keyboard Activity
‣ net user, tasklist, nltest, whoami, dir, and more

Execution & Persistence
‣ Runs EXE, DLL, and shell commands
‣ Establishes persistence via registry Run key

Full Report:

https://thedfirreport.com/2025/07/14/kongtuke-filefix-leads-to-new-interlock-rat-variant/