A novel side-channel attack named Mic-E-Mouse has been demonstrated, leveraging high-DPI optical mouse sensors to capture desk vibrations and reconstruct nearby speech. This technique transforms a common input device into a covert surveillance tool.

Security researchers have unveiled a novel side-channel attack named Mic-E-Mouse, which exploits high-DPI optical sensors in modern computer mice to capture and reconstruct human speech.

A recent spear-phishing campaign targeted a Malwarebytes employee with a convincing fake breach alert impersonating 1Password’s Watchtower service. The attackers aimed to steal the victim’s 1Password credentials.

A significant surge in reconnaissance scans has been detected targeting Palo Alto Networks login portals. Experts reported a 500% increase in scanning activity, with over 1,285 unique IPs involved on October 3.

A novel Command and Control (C2) technique has emerged that leverages AWS X-Ray, Amazon’s distributed tracing service, as a covert bidirectional C2 channel. This method exploits legitimate cloud infrastructure to evade traditional network defenses.

CISA released two Industrial Control Systems (ICS) advisories. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS.

Google researchers are tracking a suspected Cl0p ransomware group’s activity, where threat actors attempt to extort executives with claims of stealing Oracle E-Business Suite data.

Threat actors are exploiting unsecured Milesight IoT cellular routers to send SMS-based phishing messages. These routers are widely deployed in critical infrastructure such as traffic lights and electric power meters.

A wave of smishing attacks has been traced to exploited Milesight Industrial Cellular Routers, with attackers abusing their APIs to send phishing SMS messages. These campaigns primarily target Belgian users.

A newly disclosed hardware-based attack, dubbed Battering RAM, enables attackers to bypass memory encryption protections in Intel SGX and AMD SEV-SNP technologies. It leverages a low-cost DDR4 interposer to manipulate memory access.