FreshRSS

Today — June 26th 2025
Your RSS feeds

FBI used bitcoin wallet records to peg notorious IntelBroker as UK national

Pro tip: Don't use your personal email account on BreachForums

The notorious data thief known as IntelBroker allegedly broke into computer systems belonging to more than 40 victims worldwide and stole their data, costing them at least $25 million in damages, according to newly unsealed court documents that also name IntelBroker as 25-year-old British national Kai West.…

What if Microsoft just turned you off? Security pro counts the cost of dependency

Czech researcher lays out a business case for reducing reliance on Redmond

Comment A sharply argued blog post warns that heavy reliance on Microsoft poses serious strategic risks for organizations – a viewpoint unlikely to win favor with Redmond or its millions of corporate customers.…

Cisco fixes two critical make-me-root bugs on Identity Services Engine components

A 10.0 and a 9.8 – these aren’t patches to dwell on

Cisco has dropped patches for a pair of critical vulnerabilities that could allow unauthenticated remote attackers to execute code on vulnerable systems.…

Critical Open VSX Registry Flaw Exposes Millions of Developers to Supply Chain Attacks

Cybersecurity researchers have disclosed a critical vulnerability in the Open VSX Registry ("open-vsx[.]org") that, if successfully exploited, could have enabled attackers to take control of the entire Visual Studio Code extensions marketplace, posing a severe supply chain risk. "This vulnerability provides attackers full control over the entire extensions marketplace, and in turn, full control

Microsoft rolls out Windows security changes to prevent another CrowdStrike meltdown

It's been almost a year since CrowdStrike crashed Windows PCs and disrupted businesses worldwide. New changes to the Windows security architecture will make those outages less likely and easier to recover from.

[webapps] Sitecore 10.4 - Remote Code Execution (RCE)


[remote] McAfee Agent 5.7.6 - Insecure Storage of Sensitive Information


[webapps] Social Warfare WordPress Plugin 3.5.2 - Remote Code Execution (RCE)


Critical RCE Flaws in Cisco ISE and ISE-PIC Allow Unauthenticated Attackers to Gain Root Access

Cisco has released updates to address two maximum-severity security flaws in Identity Services Engine (ISE) and ISE Passive Identity Connector (ISE-PIC) that could permit an unauthenticated attacker to execute arbitrary commands as the root user. The vulnerabilities, assigned the CVE identifiers CVE-2025-20281 and CVE-2025-20282, carry a CVSS score of 10.0 each. A description of the defects is

New FileFix Method Emerges as a Threat Following 517% Rise in ClickFix Attacks

The ClickFix social engineering tactic as an initial access vector using fake CAPTCHA verifications increased by 517% between the second half of 2024 and the first half of this year, according to data from ESET. "The list of threats that ClickFix attacks lead to is growing by the day, including infostealers, ransomware, remote access trojans, cryptominers, post-exploitation tools, and even

Glasgow City Council online services crippled following cyberattack

Nothing confirmed but authority is operating under the assumption that data has been stolen

A cyberattack on Glasgow City Council is causing massive disruption with a slew of its digital services unavailable.…

Redefining Zero Trust in the Age of AI Agents and Agentic Workflows

AI-powered threats demand intent-based security. Cisco's Semantic Inspection Proxy redefines zero trust by analyzing agent behavior, ensuring semantic verification.

Qilin ransomware attack on NHS supplier contributed to patient fatality

Pathology outage caused by Synnovis breach linked to harm across dozens of healthcare facilities

The NHS says Qilin's ransomware attack on pathology services provider Synnovis last year led to the death of a patient.…

The Hidden Risks of SaaS: Why Built-In Protections Aren't Enough for Modern Data Resilience

SaaS Adoption is Skyrocketing, Resilience Hasn’t Kept Pace SaaS platforms have revolutionized how businesses operate. They simplify collaboration, accelerate deployment, and reduce the overhead of managing infrastructure. But with their rise comes a subtle, dangerous assumption: that the convenience of SaaS extends to resilience. It doesn’t. These platforms weren’t built with full-scale data

You should probably delete any sensitive screenshots you have in your phone right now. Here's why

A new Trojan malware is targeting sensitive information, including crypto wallet seed phrases.

UK to buy nuclear-capable F-35As that can't be refueled from RAF tankers

Aircraft meant to bolster NATO deterrent will rely on allied support to stay airborne

The UK government is to buy 12 F-35A fighters capable of carrying nuclear weapons as part of the NATO deterrent, but there's a snag: the new jets are incompatible with the RAF's refueling tanker aircraft.…

Iranian APT35 Hackers Targeting Israeli Tech Experts with AI-Powered Phishing Attacks

An Iranian state-sponsored hacking group associated with the Islamic Revolutionary Guard Corps (IRGC) has been linked to a spear-phishing campaign targeting journalists, high-profile cyber security experts, and computer science professors in Israel. "In some of those campaigns, Israeli technology and cyber security professionals were approached by attackers who posed as fictitious assistants to

Frozen foods supermarket chain deploys facial recognition tech

Privacy campaigner brands Iceland's use of 'Orwellian' camera tech 'chilling,' CEO responds: 'It'll cut violent crime'

Privacy campaigners are branding frozen food retailer Iceland's decision to trial facial recognition technology (FRT) at several stores "chilling" – the UK supermarket chain says it's deploying the cameras to cut down on crime.…

Cyber Criminals Exploit Open-Source Tools to Compromise Financial Institutions Across Africa

Cybersecurity researchers are calling attention to a series of cyber attacks targeting financial organizations across Africa since at least July 2023 using a mix of open-source and publicly available tools to maintain access. Palo Alto Networks Unit 42 is tracking the activity under the moniker CL-CRI-1014, where "CL" refers to "cluster" and "CRI" stands for "criminal motivation." It's suspected

That WhatsApp from an Israeli infosec expert could be an Iranian phish

Charming Kitten unsheathes its claws and tries to catch credentials

The cyber-ops arm of Iran's Islamic Revolutionary Guard Corps has started a spear-phishing campaign intent on stealing credentials from Israeli journalists, cybersecurity experts, and computer science professors from leading Israeli universities.…

CISA Adds 3 Flaws to KEV Catalog, Impacting AMI MegaRAC, D-Link, Fortinet

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added three security flaws, each impacting AMI MegaRAC, D-Link DIR-859 router, and Fortinet FortiOS, to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation. The list of vulnerabilities is as follows - CVE-2024-54085 (CVSS score: 10.0) - An authentication bypass by spoofing

We built a smart, searchable infosec library indexing 20+ years of resources

Hi Netsec,

Keeping up with the constant stream of cybersecurity news, writeups, and research is hard. So over the past couple of years, we’ve been building Talkback.sh — a smart, searchable infosec library we originally created to support our team, but chose to share it publicly because we figured others in the community would find it useful too. We did an initial blog post about it in early 2024 that ended up here on netsec, however since then it's evolved steadily, so this post summarises at this point in time what it does and how you can use it.

Firstly, what it does:

Talkback automatically aggregates content from:

  • 1000+ RSS feeds
  • Subreddits, blogs, Twitter/X, and other social media
  • Conference/infosec archives (e.g. Black Hat, USENIX, CTFtime, etc.)

Then it enriches and indexes all that data — extracting:

  • Infosec categories (e.g. "Exploit Development")
  • Topics (e.g. "Chrome")
  • MITRE ATT&CK, CVE IDs, and more
  • Short focused summaries of the content
  • It also archives each resource via the Wayback Machine, takes a screenshot, calculates a rank/score, tracks hosting info via Shodan, and builds out cross-references between related items.

And how you can use it:

The Talkback webapp gives you a few different ways to explore the system:

  • Inbox View – a personalised feed
  • Library View – with powerful filtering, sorting, and full-text search
  • Chronicles – explore content by Week, Month, or Year
  • Bookmarks, Tags, etc.
  • Custom Newsletters, RSS feeds, and a GraphQL API

We’ve found it incredibly valuable day-to-day, and hope you do too.

Check it out here: https://talkback.sh - happy to hear thoughts, feedback, or feature ideas!

submitted by /u/elttam

Read “Windows Registry Manipulation“ by ONESithuation

As red teamers, we often explore how attackers manipulate system components to achieve persistence, evade detection, or alter behavior. The Windows Registry, a critical configuration database, is a prime target for such operations. In this article, I’ll share a C++ program that demonstrates registry manipulation, explain its mechanics, and discuss its implications in offensive security all while emphasizing ethical use in authorized penetration testing. Whether you’re a red teamer, blue teamer, or developer, this guide offers insights into registry-based techniques and how to defend against them.

submitted by /u/Johny166xz

Remote DoS in httpx 1.7.0 – Out-of-Bounds Read via Malformed <title> Tag

Posted by Brian Carpenter via Fulldisclosure on Jun 25

Hey list,

You can remotely crash httpx v1.7.0 (by ProjectDiscovery) by serving a malformed <title> tag on your website. The bug
is a classic out-of-bounds read in trimTitleTags() due to a missing bounds check when slicing the title string. It
panics with:

panic: runtime error: slice bounds out of range [9:6]

Affects anyone using httpx in their automated scanning pipeline. One malformed HTML response = scanner down. Unit
testing or...

WhatsApp Adds AI-Powered Message Summaries for Faster Chat Previews

Popular messaging platform WhatsApp has added a new artificial intelligence (AI)-powered feature that leverages its in-house solution Meta AI to summarize unread messages in chats. The feature, called Message Summaries, is currently rolling out in the English language to users in the United States, with plans to bring it to other regions and languages later this year. It "uses Meta AI to

[remote] PX4 Military UAV Autopilot 1.12.3 - Denial of Service (DoS)


[remote] OneTrust SDK 6.33.0 - Denial Of Service (DoS)


[webapps] Pterodactyl Panel 1.11.11 - Remote Code Execution (RCE)


[remote] freeSSHd 1.0.9 - Denial of Service (DoS)


[remote] Microsoft Excel 2024 Use after free - Remote Code Execution (RCE)

Yesterday — June 25th 2025
Your RSS feeds

‘They're Not Breathing’: Inside the Chaos of ICE Detention Center 911 Calls

Records of hundreds of emergency calls from ICE detention centers obtained by WIRED—including audio recordings—show a system inundated by life-threatening incidents, delayed treatment, and overcrowding.

Citrix bleeds again: This time a zero-day exploited - patch now

Two emergency patches issued in two weeks

Hot on the heels of patching a critical bug in Citrix-owned Netscaler ADC and NetScaler Gateway that one security researcher dubbed "CitrixBleed 2," the embattled networking device vendor today issued an emergency patch for yet another super-serious flaw in the same products — but not before criminals found and exploited it as a zero-day.…

Amazon's Ring can now use AI to 'learn the routines of your residence'

It's meant to cut down on false positives but could be a trove for mischief-makers

Ring doorbells and cameras are using AI to "learn the routines of your residence," via a new feature called Video Descriptions.…

How Avast's free AI-powered Scam Guardian protects you from online con artists

Now built into Avast Free Antivirus and Avast Premium Security, the AI-driven scam protection warns you about suspicious websites, messages, emails, and more.

Computer vision research feeds surveillance tech as patent links spike 5×

A bottomless appetite for tracking people as 'objects'

A new study shows academic computer vision papers feeding surveillance-enabling patents jumped more than fivefold from the 1990s to the 2010s.…

Supply chain attacks surge with orgs 'flying blind' about dependencies

Who is the third party that does the thing in our thing? Yep. Attacks explode over past year

The vast majority of global businesses are handling at least one material supply chain attack per year, but very few are doing enough to counter the growing threat.…

nOAuth Vulnerability Still Affects 9% of Microsoft Entra SaaS Apps Two Years After Discovery

New research has uncovered continued risk from a known security weakness in Microsoft's Entra ID, potentially enabling malicious actors to achieve account takeovers in susceptible software-as-a-service (SaaS) applications. Identity security company Semperis, in an analysis of 104 SaaS applications, found nine of them to be vulnerable to Entra ID cross-tenant nOAuth abuse. First disclosed by

French cybercrime police arrest five suspected BreachForums admins

Twentysomethings claimed to be linked to spate of high-profile cybercrimes

The Paris police force's cybercrime brigade (BL2C) has arrested a further four men as part of a long-running investigation into the criminals behind BreachForums.…

Citrix Releases Emergency Patches for Actively Exploited CVE-2025-6543 in NetScaler ADC

Citrix has released security updates to address a critical flaw affecting NetScaler ADC that it said has been exploited in the wild. The vulnerability, tracked as CVE-2025-6543, carries a CVSS score of 9.2 out of a maximum of 10.0. It has been described as a case of memory overflow that could result in unintended control flow and denial-of-service. However, successful exploitation requires the

Why Public Wi-Fi at Tourist Hotspots is a Goldmine for Hackers 

Picture this: You’ve just arrived at a bustling airport, exhausted from your journey but excited for your vacation. While waiting for your connecting flight, you pull out your phone to share that first travel selfie or check your hotel reservation. You spot the airport’s free Wi-Fi network and connect without a second thought. What you don’t realize is that you may have just handed cybercriminals the keys to your digital life. 

Tourist hotspots such as airports, hotels, cafes, and popular destinations have become hunting grounds for hackers who exploit the very convenience that makes these locations attractive to travelers. The combination of rushed tourists, ubiquitous free Wi-Fi, and relaxed security awareness creates the perfect storm for cybercrime.

The Shocking Reality: You’re More Vulnerable Than You Think 

The statistics paint an alarming picture of just how dangerous public Wi-Fi can be for travelers: 

  • 25% of travelers are hacked while using public Wi-Fi abroad 
  • 40% of people have had their information compromised while using public Wi-Fi networks 
  • One in four Wi-Fi hotspots are just waiting to be hacked 
  • 78% of people don’t use VPN protection while connected to public Wi-Fi during travel 

These aren’t just numbers—they represent real people whose vacations turned into identity theft nightmares, drained bank accounts, and compromised personal information that can haunt them for years. 

Why Tourist Hotspots Are Hacker Paradise

Airport Wi-Fi is known to be a “hacker honeypot” due to typically lax security. Think about it: thousands of tired, distracted travelers pass through daily, each carrying devices loaded with personal and financial information. Just one airport network could hold hundreds to thousands of potential targets.

Hotels: Your Safe Haven Isn’t So Safe

Unsecured hotel networks can be accessed by anyone near the hotel, allowing them to monitor traffic to connected devices. Many hotels prioritize convenience over security, offering open networks that make it trivially easy for cybercriminals to intercept your data. 

Cafes and Tourist Attractions: Where Convenience Meets Vulnerability

Popular cafes, restaurants, and tourist attractions often offer free Wi-Fi as a customer amenity. However, public Wi-Fi networks are typically unencrypted, meaning data transmitted over these networks can be intercepted by hackers. 

The Hacker’s Playbook: How They Turn Your Connection Into Cash

Evil Twin Networks: The Perfect Impersonation

Cybercriminals are now updating an old cybercrime tactic called “evil twin” attacks. Here’s how it works: hackers create fake Wi-Fi networks with names that closely resemble legitimate ones. Instead of connecting to “Airport_WiFi,” you might accidentally connect to “Airport_Wi-Fi” or “Airport_Free_WiFi.” The miniaturization of digital twinning technology has made this kind of cyberattack more appealing to hackers, with the technology to pull it off available for less than $500. 

Man-in-the-Middle Attacks: The Digital Eavesdropper

The biggest threat to free Wi-Fi security is the ability for hackers to position themselves between you and the connection point. Instead of your data going directly to its intended destination, it first passes through the hacker’s system, giving them access to everything: emails, passwords, credit card information, and even business credentials. 

Packet Sniffing: Reading Your Digital Mail 

Hackers use packet sniffing tools to capture and analyze traffic, extracting personal information from unsuspecting users. This sophisticated technique allows cybercriminals to intercept and read data that isn’t properly encrypted, turning your private communications into an open book. 

Malware Distribution: The Unwanted Souvenir

Hackers can use an unsecured Wi-Fi connection to distribute malware. Some have even managed to hack connection points themselves, causing pop-up windows to appear offering fake software updates that actually install malicious code on your device. 

The Psychology Behind Tourist Vulnerability

Vacation Brain: When Guards Come Down

“When on vacation, people tend to forget about their online security,” said cybersecurity expert Daniel Markuson. The excitement of travel combined with the stress of navigating unfamiliar places creates a perfect storm where normal security awareness takes a backseat to convenience.

The Urgency Factor 

“It is typical to scroll through your phone while waiting for a flight or train. However, when on vacation, people tend to forget about their online security. Hackers take advantage of that and use the public Wi-Fi network weaknesses in airports and train stations to get their hands onto sensitive personal or corporate data”. 

McAfee Mobile Security: Your Digital Bodyguard for Every Journey

Understanding these threats is the first step, but protection requires the right tools. McAfee Mobile Security, available on both the Google Play Store and iOS App Store for iPhones, provides comprehensive protection designed specifically for the challenges travelers face. 

McAfee Secure VPN: Bank-Grade Protection in Your Pocket

McAfee’s automatic VPN proxy ensures secure browsing and hides your IP address for added privacy, while the network scanner and Wi-Fi security verify connections, keeping you safe on public networks. 

Key VPN Features:

  • Automatic Activation: McAfee unlimited VPN turns on automatically to protect your personal data and credit card info, so you can bank, shop, and browse online privately anywhere you go 
  • Bank-Grade Encryption: McAfee VPN for Android and iPhone gives you access to bank-grade Wi-Fi encryption so you can browse in confidence 
  • Global Server Network: Connect to different countries and change your location & IP address 

Wi-Fi Security Scanner: Your Network Detective

Receive alerts when connecting to an unsecured Wi-Fi network or hotspot. Wi-Fi scan analyzes networks for security and ensures a safer online connection. This feature acts as your personal network security expert, warning you before you connect to potentially dangerous networks. 

Real-Time Threat Protection

Safe Browsing Protection: Block malicious websites automatically so you can browse safely. Safe browsing alerts protect you from phishing and leaking personal info. 

Text and Email Scam Detection: Text scam protection filters risky messages and phishing attempts, and blocks harmful sites. Identify risky emails and get scam warnings with email scam protection. 

Getting Protected: Download McAfee Mobile Security Today

For Android Users: McAfee Mobile Security is available on the Google Play Store. The app combines antivirus protection, VPN security, and identity monitoring in one comprehensive package. 

For iPhone Users: iOS users can download McAfee Security from the App Store, providing the same robust protection optimized for Apple devices. 

Beyond VPN: Additional Travel Security Best Practices

While McAfee’s mobile security provides robust protection, combining it with smart travel habits creates an impenetrable defense: 

Verify Network Names: Always confirm the exact Wi-Fi network name with establishment staff. Hackers create fake Wi-Fi hotspots that have convincing names designed to trick travelers.

Use Mobile Hotspot When Possible: “My favorite way to avoid evil twin attacks is to use your phone’s mobile hotspot if possible,” said cybersecurity expert Brian Callahan. This creates a secure, personal network that only you control.

Disable Auto-Connect: Set your mobile device to ‘ask’ before it connects to a Wi-Fi network, rather than automatically connecting to an available network. This simple setting prevents your device from automatically connecting to malicious networks.

Keep Software Updated: Updates often include security patches that address vulnerabilities and protect against emerging threats. Before traveling, ensure all your devices and security software are current.

The Cost of Complacency vs. The Value of Protection

Consider the true cost of a security breach while traveling: 

  • Identity theft recovery can take months or years 
  • Fraudulent charges can drain bank accounts 
  • Compromised business credentials can affect your career 
  • Stolen personal photos and information can be used for extortion 

Compare this to the minimal cost of McAfee Mobile Security, which provides comprehensive protection for less than the price of a coffee at most airport cafes. 

Looking Ahead: The Evolving Threat Landscape

As cyber threats evolve, traditional security measures like VPNs may no longer be sufficient on their own. However, McAfee’s mobile security suite evolves continuously, incorporating the latest threat intelligence and protection technologies to stay ahead of cybercriminals. 

The integration of AI-powered threat detection, real-time network analysis, and behavioral monitoring means your protection improves automatically as new threats emerge. 

Your Next Steps: Travel Smart, Stay Protected

Don’t let cybercriminals turn your dream vacation into a digital nightmare. Before your next trip: 

  1. Download McAfee Mobile Security from the Google Play Store or iOS App Store 
  2. Enable automatic VPN protection for seamless security 
  3. Configure Wi-Fi scanning to alert you to unsafe networks 
  4. Review your travel security settings to ensure optimal protection 

With the right cybersecurity tools, it’s easy to surf the web securely while exploring new destinations. McAfee Mobile Security ensures that your only worry while traveling is choosing which adventure comes next, not whether your personal information is safe.

Your journey should be about creating memories, not dealing with the aftermath of cybercrime. With McAfee Mobile Security protecting your digital life, you can focus on what really matters: enjoying every moment of your travels while staying completely secure. Ready to protect your travels? Download McAfee Mobile Security today from the Google Play Store or iOS App Store and travel with confidence, knowing your digital life is secure no matter where your adventures take you. 

 

The post Why Public Wi-Fi at Tourist Hotspots is a Goldmine for Hackers  appeared first on McAfee Blog.

How to Set Up Your Own WireGuard VPN on a VPS (Beginner-Friendly Tutorial)

Just posted a full tutorial for anyone looking to set up their own WireGuard VPN server — especially useful for bug bounty hunters or privacy-conscious folks who want to rotate their IP address.

submitted by /u/kongwenbin

How Criminals Are Using AI to Clone Travel Agents and Steal Your Money

Your dream vacation could become a nightmare if you fall for these sophisticated AI-powered scams. The travel industry is experiencing an unprecedented surge in AI-powered fraud. What started as simple fake booking websites has evolved into something far more sinister: criminals are now using artificial intelligence to clone the voices and identities of trusted travel agents, creating convincing impersonations that can fool even the most cautious travelers. 

Recent data paints a sobering picture. Booking.com reports a staggering 500 to 900 percent increase in travel scams over the past 18 months, largely driven by AI technology. McAfee research reveals that 30 percent of adults have either fallen victim to online travel scams or know someone who has while trying to save money on travel. 

The New Face of Travel Fraud: AI Voice Cloning

Gone are the days when scammers relied solely on poorly written emails with obvious typos. Today’s travel fraudsters are weaponizing AI voice cloning technology that requires as little as three seconds of audio to create a convincing replica of someone’s voice. Here’s how these sophisticated scams typically unfold: 

The Setup: Criminals research legitimate travel agents, tour operators, or booking specialists through social media, company websites, and online videos. They harvest voice samples from promotional videos, webinars, or even customer service recordings. 

The Clone: Using readily available AI tools—some costing as little as $5 to $10 per month—scammers create voice clones that perfectly mimic speech patterns, accents, and even emotional nuances of real travel professionals. 

The Hook: Armed with these cloned voices, criminals make convincing phone calls to potential victims, often claiming to represent established travel agencies or offering “exclusive” deals that create urgency to book immediately. 

Red Flags: How to Spot AI-Cloned Travel Agents 

While AI voice cloning technology has become incredibly sophisticated, there are still warning signs you can watch for: 

Listen for inconsistencies: Pay attention to unusual word choices, stilted language, or responses that seem rehearsed or robotic. AI-generated voices may struggle with emotional range or natural conversation flow. 

Verify through multiple channels: If someone claiming to be a travel agent unexpectedly contacts you, hang up and call the agency directly using a number you find independently—never redial the number that called you. 

Be wary of pressure tactics: Legitimate travel agents won’t pressure you to book immediately or demand payment through untraceable methods like wire transfers, cryptocurrency, or gift cards. 

Check for licensing and credentials: Ask for specific licensing information and verify it independently. Real travel agents are typically registered with industry organizations and local business bureaus. 

Beyond Voice Cloning: The Full Arsenal of AI Travel Scams

Voice cloning is just one weapon in the modern scammer’s arsenal. Criminals are also using AI to: 

Create convincing fake websites: AI tools can quickly generate professional-looking travel booking sites that mirror legitimate companies, complete with stolen branding and customer reviews. 

Generate fake reviews: AI-written testimonials can flood fake listings with glowing five-star reviews that seem authentic but are entirely fabricated. 

Produce deepfake videos: Some sophisticated scams now include video calls featuring AI-generated faces that can interact in real-time, making the deception even more convincing. 

Automate phishing campaigns: AI helps criminals create personalized emails and messages that target specific individuals based on their travel history and preferences. 

The Financial Impact: Why These Scams Are So Devastating

The financial consequences of AI-powered travel scams can be catastrophic. VPNRanks predicts that travel scam losses could reach $13 billion globally by 2025, with an average loss of nearly $1,000 per victim. Even more concerning, business travelers face a 65 percent higher risk of falling victim compared to leisure travelers. 

The sophistication of these scams means that even cybersecurity-savvy individuals can be caught off guard. In one notable case, a finance worker in Hong Kong was tricked by an AI-powered deepfake video call into transferring over $25 million to criminals who had used publicly available footage to impersonate multiple senior executives. 

How McAfee Protects You from AI-Powered Travel Scams

At McAfee, we understand that the same AI technology enabling these scams can also be our best defense against them. Our comprehensive McAfee+ protection suite includes several key features specifically designed to combat these emerging threats: 

McAfee Scam Detector: Our AI technology powers advanced scam detection that can identify suspicious patterns and behaviors. This includes recognizing potentially fraudulent communications in text messages and email before they reach you, as well as deepfake protection.

Identity Monitoring and Alerts: Our comprehensive identity monitoring watches for signs that your personal information may have been compromised—a critical early warning system since scammers often research their targets extensively before launching attacks. 

Safe Browsing Protection: When you’re researching travel options online, our web advisor protection features block access to known malicious sites and warn you about suspicious domains in real-time. 

Personal Data Cleanup: We help remove your personal information from data broker sites that scammers often use to research potential victims, reducing your exposure to targeted attacks. 

Your Defense Strategy: Staying Safe in the Age of AI Scams

Protection against AI-powered travel scams requires a multi-layered approach combining technology, awareness, and smart practices: 

Verify independently: Always confirm travel arrangements through official channels. If someone calls claiming to represent a travel company, hang up and call the company directly using contact information from their official website. 

Be skeptical of urgency: Legitimate travel deals don’t require immediate action. Take time to research and verify any offer, especially if it involves upfront payments or personal information. 

Use secure payment methods: Avoid wire transfers, cryptocurrency, or gift cards for travel payments. Use credit cards that offer fraud protection and dispute resolution. 

Limit social media exposure: Be cautious about posting travel plans, photos, or videos that could provide scammers with material to clone your voice or research your activities. 

Trust your instincts: If something feels off about a conversation or offer, don’t ignore that feeling. It’s better to miss out on a potentially legitimate deal than fall victim to a sophisticated scam. 

The Road Ahead: Preparing for Future Threats

As AI technology continues to evolve, we can expect travel scams to become even more sophisticated. Future threats may include real-time deepfake video calls, AI-generated virtual travel agents with full conversational abilities, and hyper-personalized scams based on extensive data analysis. 

The key to staying protected is maintaining vigilance while leveraging advanced security tools. McAfee’s AI-powered protection evolves continuously to stay ahead of emerging threats, providing you with the most current defense against the latest scamming techniques. 

Your dream vacation should remain exactly that—a dream come true, not a financial nightmare. By staying informed about these threats and using comprehensive protection like McAfee’s identity and scam protection services, you can travel with confidence, knowing you’re protected against even the most sophisticated AI-powered fraud attempts. 

Remember: in our digital age, the best travel companion isn’t just a good guidebook—it’s robust cybersecurity protection that travels with you wherever you go.  

Ready to protect yourself from AI-powered scams? Learn how McAfee+ and its comprehensive identity theft protection and AI-powered scam detection are designed to keep you safe while traveling and beyond.

The post How Criminals Are Using AI to Clone Travel Agents and Steal Your Money appeared first on McAfee Blog.

Citrix Bleed 2 Flaw Enables Token Theft; SAP GUI Flaws Risk Sensitive Data Exposure

Cybersecurity researchers have detailed two now-patched security flaws in SAP Graphical User Interface (GUI) for Windows and Java that, if successfully exploited, could have enabled attackers to access sensitive information under certain conditions. The vulnerabilities, tracked as CVE-2025-0055 and CVE-2025-0056 (CVSS scores: 6.0), were patched by SAP as part of its monthly updates for January

Ring's new generative AI feature is here to answer your 'who's there?' or 'what was that?' questions

Called Video Descriptions, the AI feature generates detailed descriptions of what your Ring camera sees and delivers it in your notifications.

Pro-Iranian Hacktivist Group Leaks Personal Records from the 2024 Saudi Games

Thousands of personal records allegedly linked to athletes and visitors of the Saudi Games have been published online by a pro-Iranian hacktivist group called Cyber Fattah. Cybersecurity company Resecurity said the breach was announced on Telegram on June 22, 2025, in the form of SQL database dumps, characterizing it as an information operation "carried out by Iran and its proxies." "The actors

Beware the Hidden Risk in Your Entra Environment

If you invite guest users into your Entra ID tenant, you may be opening yourself up to a surprising risk. A gap in access control in Microsoft Entra’s subscription handling is allowing guest users to create and transfer subscriptions into the tenant they are invited into, while maintaining full ownership of them. All the guest user needs are the permissions to create subscriptions in

Incogni vs. DeleteMe: Which service removes your personal data best?

Incogni and DeleteMe are data removal services that can help you lock down your data, but they specialize in different areas. Read on to discover which service will suit you best.

UK govt dept website that campaigns against encryption hijacked to advertise ... payday loans

Company at center of findings blamed SEO on outsourcer

A website developed for the UK Home Office's 2022 "flop" anti-encryption campaign has seemingly been hijacked to push a payday loan scheme.…

SonicWall NetExtender Trojan and ConnectWise Exploits Used in Remote Access Attacks

Unknown threat actors have been distributing a trojanized version of SonicWall's SSL VPN NetExtender application to steal credentials from unsuspecting users who may have installed it. "NetExtender enables remote users to securely connect and run applications on the company network," SonicWall researcher Sravan Ganachari said. "Users can upload and download files, access network drives, and use

North Korea-linked Supply Chain Attack Targets Developers with 35 Malicious npm Packages

Cybersecurity researchers have uncovered a fresh batch of malicious npm packages linked to the ongoing Contagious Interview operation originating from North Korea. According to Socket, the ongoing supply chain attack involves 35 malicious packages that were uploaded from 24 npm accounts. These packages have been collectively downloaded over 4,000 times. The complete list of the JavaScript

These battery-powered 4K security cameras give Ring and Blink a run for their money

TP-Link's new cameras feature 4K capabilities with 24/7 recording, thanks to the HomeBase H500. They're also cheaper than their closest competitors.

Microsoft Extends Windows 10 Security Updates for One Year with New Enrollment Options

Microsoft on Tuesday announced that it's extending Windows 10 Extended Security Updates (ESU) for an extra year by letting users either pay a small fee of $30 or sync their PC settings to the cloud. The development comes ahead of the tech giant's upcoming October 14, 2025, deadline, when it plans to officially end support and stop providing security updates for devices running Windows 10. The

Before yesterday

Don't panic, but it's only a matter of time before critical 'CitrixBleed 2' is under attack

Why are you even reading this story? Patch now!

Citrix patched a critical vulnerability in its NetScaler ADC and NetScaler Gateway products that is already being compared to the infamous CitrixBleed flaw exploited by ransomware gangs and other cyber scum, although there haven't been any reports of active exploitation. Yet.…

Does your generative AI protect your privacy? New study ranks them best to worst

Le Chat and Grok are the most respectful of your privacy. So which ones are the worst offenders?

New U.S. Visa Rule Requires Applicants to Set Social Media Account Privacy to Public

The United States Embassy in India has announced that applicants for F, M, and J nonimmigrant visas should make their social media accounts public. The new guideline seeks to help officials verify the identity and eligibility of applicants under U.S. law. The U.S. Embassy said every visa application review is a "national security decision." "Effective immediately, all individuals applying for an