APT28 deploys NotDoor Outlook backdoor via OneDrive DLL side-loading, enabling email-based data theft in NATO firms.
Get the latest international news and world events from around the world.
GhostRedirector Hacks 65 Windows Servers Using Rungan Backdoor and Gamshen IIS Module
Cybersecurity researchers have lifted the lid on a previously undocumented threat cluster dubbed GhostRedirector that has managed to compromise at least 65 Windows servers primarily located in Brazil, Thailand, and Vietnam.
The attacks, per Slovak cybersecurity company ESET, led to the deployment of a passive C++ backdoor called Rungan and a native Internet Information Services (IIS) module codenamed Gamshen. The threat actor is believed to be active since at least August 2024.
“While Rungan has the capability of executing commands on a compromised server, the purpose of Gamshen is to provide SEO fraud as-a-service, i.e., to manipulate search engine results, boosting the page ranking of a configured target website,” ESET researcher Fernando Tavella said in a report shared with The Hacker News.
Cybercriminals Exploit X’s Grok AI to Bypass Ad Protections and Spread Malware to Millions
Cybersecurity researchers have flagged a new technique that cybercriminals have adopted to bypass social media platform X’s malvertising protections and propagate malicious links using its artificial intelligence (AI) assistant Grok.
The findings were highlighted by Nati Tal, head of Guardio Labs, in a series of posts on X. The technique has been codenamed Grokking.
The approach is designed to get around restrictions imposed by X in Promoted Ads that allow users to only include text, images, or videos, and subsequently amplify them to a broader audience, attracting hundreds of thousands of impressions through paid promotion.
Hackers exploited Sitecore zero-day flaw to deploy backdoors
Threat actors have been exploiting a zero-day vulnerability in legacy Sitecore deployments to deploy WeepSteel reconnaissance malware.
The flaw, tracked under CVE-2025–53690, is a ViewState deserialization vulnerability caused by the inclusion of a sample ASP.NET machine key in pre-2017 Sitecore guides.
Some customers reused this key in production, allowing attackers with knowledge of the key to craft valid, but malicious ‘_VIEWSTATE’ payloads that tricked the server into deserializing and executing them, leading to remote code execution (RCE).
France slaps Google with €325M fine for violating cookie regulations
The French data protection authority has fined Google €325 million ($378 million) for violating cookie regulations and displaying ads between Gmail users’ emails without their consent.
During several investigations between 2022 and 2023, the National Commission on Informatics and Liberty (CNIL) found that Google’s Gmail email service displayed advertisements in the “Promotions” and “Social” tabs without the consent of Gmail users, thereby breaching Article L. 34–5 of the French Postal and Electronic Communications Code (CPCE).
As explained in a press release issued on Wednesday, this fine was imposed because Google breached the French Data Protection Act (Article 82) by failing to inform users who created new accounts that they were required to allow the search giant to place cookies for advertising purposes to access its services.
Google fixes actively exploited Android flaws in September update
Google has released the September 2025 security update for Android devices, addressing a total of 84 vulnerabilities, including two actively exploited flaws.
The two flaws that were detected as exploited in zero-day attacks are CVE-2025–38352, an elevation of privilege in the Android kernel, and CVE-2025–48543, also an elevation of privilege problem in the Android Runtime component.
Google noted in its bulletin that there are indications that those two flaws may be under limited, targeted exploitation, without sharing any more details.
Dr. Roman Yampolskiy: These Are The Only 5 Jobs That Will Remain In 2030!
WARNING: AI could end humanity, and we’re completely unprepared. Dr. Roman Yampolskiy reveals how AI will take 99% of jobs, why Sam Altman is ignoring safety, and how we’re heading toward global collapse…or even World War III.
Dr. Roman Yampolskiy is a leading voice in AI safety and a Professor of Computer Science and Engineering. He coined the term “AI safety” in 2010 and has published over 100 papers on the dangers of AI. He is also the author of books such as, ‘Considerations on the AI Endgame: Ethics, Risks and Computational Frameworks’
He explains:
⬛How AI could release a deadly virus.
⬛Why these 5 jobs might be the only ones left.
⬛How superintelligence will dominate humans.
⬛Why ‘superintelligence’ could trigger a global collapse by 2027
⬛How AI could be worse than nuclear weapons.
⬛Why we’re almost certainly living in a simulation.
00:00 Intro.
02:28 How to Stop AI From Killing Everyone.
04:35 What’s the Probability Something Goes Wrong?
04:57 How Long Have You Been Working on AI Safety?
08:15 What Is AI?
09:54 Prediction for 2027
11:38 What Jobs Will Actually Exist?
14:27 Can AI Really Take All Jobs?
18:49 What Happens When All Jobs Are Taken?
20:32 Is There a Good Argument Against AI Replacing Humans?
22:04 Prediction for 2030
23:58 What Happens by 2045?
25:37 Will We Just Find New Careers and Ways to Live?
28:51 Is Anything More Important Than AI Safety Right Now?
30:07 Can’t We Just Unplug It?
31:32 Do We Just Go With It?
37:20 What Is Most Likely to Cause Human Extinction?
39:45 No One Knows What’s Going On Inside AI
41:30 Ads.
42:32 Thoughts on OpenAI and Sam Altman.
46:24 What Will the World Look Like in 2100?
46:56 What Can Be Done About the AI Doom Narrative?
53:55 Should People Be Protesting?
56:10 Are We Living in a Simulation?
1:01:45 How Certain Are You We’re in a Simulation?
1:07:45 Can We Live Forever?
1:12:20 Bitcoin.
1:14:03 What Should I Do Differently After This Conversation?
1:15:07 Are You Religious?
1:17:11 Do These Conversations Make People Feel Good?
1:20:10 What Do Your Strongest Critics Say?
1:21:36 Closing Statements.
1:22:08 If You Had One Button, What Would You Pick?
1:23:36 Are We Moving Toward Mass Unemployment?
1:24:37 Most Important Characteristics.
Follow Dr Roman:
X — https://bit.ly/41C7f70
Google Scholar — https://bit.ly/4gaGE72
You can purchase Dr Roman’s book, ‘Considerations on the AI Endgame: Ethics, Risks and Computational Frameworks’, here: https://amzn.to/4g4Jpa5
Apertura Gene Therapy and Rett Syndrome Research Trust Collaborate to Pioneer Advanced Genetic Medicines for Rett Syndrome Using TfR1-Targeted AAV Capsid
NEW YORK and TRUMBULL, Conn., April 30, 2025 /PRNewswire/ — Apertura Gene Therapy, a biotechnology company focused on innovative gene therapy solutions, and the Rett Syndrome Research Trust (RSRT), an organization working to cure Rett Syndrome, today announced a collaboration to license Apertura’s human transferrin receptor 1 capsid (TfR1 CapX). This partnership aims to advance innovative genetic medicine approaches for the treatment of Rett Syndrome, a rare genetic neurological disorder caused by random mutations in the MECP2 gene on the X chromosome that primarily affect females, causing developmental regression and severe motor and language impairments.
Apertura’s TfR1 CapX is an intravenously delivered adeno-associated virus (AAV) capsid engineered to bind the transferrin receptor 1(TfR1), enabling efficient delivery of genetic medicines across the blood-brain barrier (BBB). TfR1 is a well-characterized BBB-crossing receptor, broadly and consistently expressed throughout life—even in the context of neurological disease—making it an attractive target for CNS delivery in disorders like Rett syndrome. Developed by Apertura’s academic founder, Dr. Ben Deverman, Director of Vector Engineering at the Broad Institute, TfR1 CapX has shown strong CNS selectivity in preclinical studies, achieving over 50% neuronal and 90% astrocyte transduction across multiple brain regions. Because Rett syndrome affects the brain diffusely, broader cellular transduction may correlate with greater symptomatic improvement.
