A new mass malware campaign is infecting users with a cryptocurrency miner named SilentCryptoMiner by masquerading it as a tool designed to circumvent internet blocks and restrictions around online services.
Russian cybersecurity company Kaspersky said the activity is part of a larger trend where cybercriminals are increasingly leveraging Windows Packet Divert (WPD) tools to distribute malwareView the full article
Threat hunters have shed light on a "sophisticated and evolving malware toolkit" called Ragnar Loader that's used by various cybercrime and ransomware groups like Ragnar Locker (aka Monstrous Mantis), FIN7, FIN8, and Ruthless Mantis (ex-REvil).
"Ragnar Loader plays a key role in keeping access to compromised systems, helping attackers stay in networks for long-term operations," SwissView the full article
Microsoft has disclosed details of a large-scale malvertising campaign that's estimated to have impacted over one million devices globally as part of what it said is an opportunistic attack designed to steal sensitive information.
The tech giant, which detected the activity in early December 2024, is tracking it under the broader umbrella Storm-0408, a moniker used for a set of threat actorsView the full article
Are you tired of dealing with outdated security tools that never seem to give you the full picture? You’re not alone.
Many organizations struggle with piecing together scattered information, leaving your apps vulnerable to modern threats. That’s why we’re excited to introduce a smarter, unified approach: Application Security Posture Management (ASPM).
ASPM brings together the best of bothView the full article
For verified travel tips and real support, visit: [Hidden Content]
Access on-demand webinar here
Avoid a $100,000/month Compliance Disaster
March 31, 2025: The Clock is Ticking. What if a single overlooked script could cost your business $100,000 per month in non-compliance fines? PCI DSS v4 is coming, and businesses handling payment card data must be prepared.
Beyond fines, non-compliance exposes businesses to web skimming, third-party script attacks, andView the full article
Cybersecurity researchers have discovered a malicious Python package on the Python Package Index (PyPI) repository that's equipped to steal a victim's Ethereum private keys by impersonating popular libraries.
The package in question is set-utils, which has received 1,077 downloads to date. It's no longer available for download from the official registry.
"Disguised as a simple utility for PythonView the full article
A coalition of international law enforcement agencies has seized the website associated with the cryptocurrency exchange Garantex ("garantex[.]org"), nearly three years after the service was sanctioned by the U.S. Treasury Department in April 2022.
"The domain for Garantex has been seized by the United States Secret Service pursuant to a seizure warrant obtained by the United States Attorney'sView the full article
Safe{Wallet} has revealed that the cybersecurity incident that led to the Bybit $1.5 billion crypto heist is a "highly sophisticated, state-sponsored attack," stating the North Korean threat actors behind the hack took steps to erase traces of the malicious activity in an effort to hamper investigation efforts.
The multi-signature (multisig) platform, which has roped in Google Cloud Mandiant toView the full article
Threat actors of unknown provenance have been attributed to a malicious campaign predominantly targeting organizations in Japan since January 2025.
"The attacker has exploited the vulnerability CVE-2024-4577, a remote code execution (RCE) flaw in the PHP-CGI implementation of PHP on Windows, to gain initial access to victim machines," Cisco Talos researcher Chetan Raghuprasad said in a technicalView the full article
Elastic has rolled out security updates to address a critical security flaw impacting the Kibana data visualization dashboard software for Elasticsearch that could result in arbitrary code execution.
The vulnerability, tracked as CVE-2025-25012, carries a CVSS score of 9.9 out of a maximum of 10.0. It has been described as a case of prototype pollution.
"Prototype pollution in Kibana leads toView the full article
The financially motivated threat actor known as EncryptHub has been observed orchestrating sophisticated phishing campaigns to deploy information stealers and ransomware, while also working on a new product called EncryptRAT.
"EncryptHub has been observed targeting users of popular applications, by distributing trojanized versions," Outpost24 KrakenLabs said in a new report shared with TheView the full article
The threat actors behind the Medusa ransomware have claimed nearly 400 victims since it first emerged in January 2023, with the financially motivated attacks witnessing a 42% increase between 2023 and 2024.
In the first two months of 2025 alone, the group has claimed over 40 attacks, according to data from the Symantec Threat Hunter Team said in a report shared with The Hacker News. TheView the full article
Cyber threats are growing more sophisticated, and traditional security approaches struggle to keep up. Organizations can no longer rely on periodic assessments or static vulnerability lists to stay secure. Instead, they need a dynamic approach that provides real-time insights into how attackers move through their environment.
This is where attack graphs come in. By mapping potential attack pathsView the full article
Over 1,000 websites powered by WordPress have been infected with a third-party JavaScript code that injects four separate backdoors.
"Creating four backdoors facilitates the attackers having multiple points of re-entry should one be detected and removed," c/side researcher Himanshu Anand said in a Wednesday analysis.
The malicious JavaScript code has been found to be served via cdn.csyndication[View the full article
The U.S. Department of Justice (DoJ) has announced charges against 12 ******** nationals for their alleged participation in a wide-ranging scheme designed to steal data and suppress free speech and dissent globally.
The individuals include two officers of the People's Republic of China's (PRC) Ministry of Public Security (MPS), eight employees of an ostensibly private PRC company, AnxunView the full article
The China-lined threat actor behind the zero-day exploitation of security flaws in Microsoft Exchange servers in January 2021 has shifted its tactics to target the information technology (IT) supply chain as a means to obtain initial access to corporate networks.
That's according to new findings from the Microsoft Threat Intelligence team, which said the Silk Typhoon (formerly Hafnium) hackingView the full article
USB drive attacks constitute a significant cybersecurity risk, taking advantage of the everyday use of USB devices to deliver malware and circumvent traditional network security measures. These attacks lead to data breaches, financial losses, and operational disruptions, with lasting impacts on an organization's reputation. An example is the Stuxnet worm discovered in 2010, a malware designed toView the full article
The threat actor known as Dark Caracal has been attributed to a campaign that deployed a remote access ******* called Poco RAT in attacks targeting Spanish-speaking targets in Latin America in 2024.
The findings come from Russian cybersecurity company Positive Technologies, which described the malware as loaded with a "full suite of espionage features."
"It could upload files, capture screenshotsView the full article
Google has announced the rollout of artificial intelligence (AI)-powered scam detection features to secure Android device users and their personal information.
"These features specifically target conversational scams, which can often appear initially harmless before evolving into harmful situations," Google said. "And more phone calling scammers are using spoofing techniques to hide their realView the full article
The threat actor known as Lotus Panda has been observed targeting government, manufacturing, telecommunications, and media sectors in the Philippines, Vietnam, Hong Kong, and Taiwan with updated versions of a known ********* called Sagerunex.
"Lotus Blossom has been using the Sagerunex ********* since at least 2016 and is increasingly employing long-term persistence command shells and developingView the full article
The rapid adoption of cloud services, SaaS applications, and the shift to remote work have fundamentally reshaped how enterprises operate. These technological advances have created a world of opportunity but also brought about complexities that pose significant security threats. At the core of these vulnerabilities lies Identity—the gateway to enterprise security and the number one attack vectorView the full article
Cybersecurity researchers are alerting of an ongoing malicious campaign targeting the Go ecosystem with typosquatted modules that are designed to deploy loader malware on Linux and Apple macOS systems.
"The threat actor has published at least seven packages impersonating widely used Go libraries, including one (github[.]com/shallowmulti/hypert) that appears to target financial-sector developersView the full article
Threat actors deploying the ****** Basta and CACTUS ransomware families have been found to rely on the same BackConnect (BC) module for maintaining persistent control over infected hosts, a sign that affiliates previously associated with ****** Basta may have transitioned to CACTUS.
"Once infiltrated, it grants attackers a wide range of remote control capabilities, allowing them to executeView the full article
Broadcom has released security updates to address three actively exploited security flaws in VMware ESXi, Workstation, and Fusion products that could lead to code execution and information disclosure.
The list of vulnerabilities is as follows -
CVE-2025-22224 (CVSS score: 9.3) - A Time-of-Check Time-of-Use (TOCTOU) vulnerability that leads to an out-of-bounds write, which a malicious actor withView the full article
Credential stuffing attacks had a huge impact in 2024, fueled by a vicious circle of infostealer infections and data breaches. But things could be about to get worse still with Computer-Using Agents, a new kind of AI agent that enables low-cost, low-effort automation of common web tasks — including those frequently performed by attackers.
Stolen credentials: The cyber criminal’s weapon of choiceView the full article
Privacy Notice: We utilize cookies to optimize your browsing experience and analyze website traffic. By consenting, you acknowledge and agree to our Cookie Policy, ensuring your privacy preferences are respected.
