CYBERSECURITY 270
- Buying Spying - How the commercial surveillance industry works and what can be done about it
- Agenda Ransomware Deploys Linux Variant on Windows Systems Through Remote Management Tools and BYOVD Techniques
- SocGholish Malware Using Compromised Sites to Deliver Ransomware
- Jaguar Land Rover hack cost UK economy an estimated $2.5 billion, report says
- Chinese Threat Actors Exploit ToolShell SharePoint Flaw Weeks After Microsoft's July Patch
- Russian Coldriver Hackers Deploy New 'NoRobot' Malware
- Ransomware Payouts Surge to $3.6m Amid Evolving Tactics
- CISA confirms hackers exploited Oracle E-Business Suite SSRF flaw
- Self-spreading GlassWorm malware hits OpenVSX, VS Code registries
- Cyber defenders sound the alarm as F5 hack exposes broad risks
- AI-Driven Social Engineering Top Cyber Threat for 2026, ISACA Survey Reveals
- New .NET CAPI Backdoor Targets Russian Auto and E-Commerce Firms via Phishing ZIPs
- Collins Aerospace attack claimed by Everest, linking ransomware group to last month's European airport chaos
- Senate Investigates Cisco Over Zero-Day Firewall Vulnerabilities
- North Korean Hackers Use EtherHiding to Hide Malware Inside Blockchain Smart Contracts
- Misconfigured NetcoreCloud Server Exposed 40B Records in 13.4TB of Data
- Chinese Threat Group 'Jewelbug' Quietly Infiltrated Russian IT Network for Months
- UK NCSC Reports 130% Spike in "Nationally Significant" Cyber Incidents
- Hacker Group TA585 Emerges With Advanced Attack Infrastructure
- Dragos sounds alarm over cyberattacks targeting distributed energy and industrial microgrids
- Researchers Warn RondoDox Botnet is Weaponizing Over 50 Flaws Across 30+ Vendors
- How to tell if your mobile number has been hacked and what to do next
- Attackers exploit valid logins in SonicWall SSL VPN compromise
- North Korean Hackers Have Stolen $2 Billion in Cryptocurrency in 2025
- Hackers leveraging Teams to drop malware, steal data, Microsoft warns
- Foreign threat actors adopting ChatGPT, AI to bolster "old playbook" of attacks, OpenAI finds
- The Y2K38 Bug Is a Vulnerability, Not Just a Date Problem, Researchers Warn
- Reading the ENISA Threat Landscape 2025 report
- Ransomware Group “Trinity of Chaos” Launches Data Leak Site
- Patch Now Dell UnityVSA Flaw Allows Command Execution Without Login
- Hackers exploited Zimbra flaw as zero-day using iCalendar files
- Ghost in the Cloud Weaponizing AWS X-Ray for Command & Control
- Discord Data Breach Hackers Access IDs, Billing Details and Support Chats
- CometJacking One Click Can Turn Perplexity's Comet AI Browser Into a Data Thief
- Oracle says hackers are trying to extort its customers
- Phishing Dominates EU-Wide Intrusions, says ENISA
- Exposing CharmingKitten's malicious activity for IRGC-IO division Counterintelligence division
- Massive network of 30,000 websites filters victims before delivering scams or malware
- VMware virtual machines under attack hackers may have exploited zero-day for months
- Phantom Taurus A New Chinese Nexus APT and the Discovery of the NET-STAR Malware Suite
- Medusa Ransomware Claims Comcast Data Breach, Demands .2M
- EvilAI Malware Masquerades as AI Tools to Infiltrate Global Organizations
- Cisco Talos attributes Asian telecom and manufacturing attacks to Naikon PlugX campaign
- Ransomware's favorite target in 2025 and what you can do about it
- Hackers Leverage AI-Generated Code to Obfuscate Its Payload and Evade Traditional Defenses
- Chinese Cyberspies Hacked US Defense Contractors
- Who is Salt Typhoon Really? Unraveling the Attribution Challenge
- UK agency makes arrest in airport cyberattack investigation
- Threat Actors Breaking to Enterprise Infrastructure Within 18 Minutes From Initial Access
- COLDRIVER Updates Arsenal with BAITSWITCH and SIMPLEFIX
- SolarWinds Releases Hotfix for Critical CVE-2025-26399 Remote Code Execution Flaw
- Researchers expose MalTerminal, an LLM-enabled malware pioneer
- Nimbus Manticore Deploys New Malware Targeting Europe
- ShadowLeak Radware Uncovers Zero-Click Attack on ChatGPT
- RaccoonO365 Phishing Network Dismantled as Microsoft, Cloudflare Take Down 338 Domains
- How a Plaintext File On Users’ Desktops Exposed Secrets Leads to Akira Ransomware Attacks
- China-linked APT41 targets government, think tanks, and academics tied to US-China trade and policy
- BreachForums Owner Sent to Prison in Resentencing
- Going Underground China-aligned TA415 Conducts U.S.-China Economic Relations Targeting Using VS Code Remote Tunnels
- EvilAI malware campaign exploits AI-generated code to breach global critical sectors
- DNV details ‘SteganoAmor’ malware campaign used against Iranian oil and gas traders, extends to maritime operators
- FBI warns of UNC6040, UNC6395 hackers stealing Salesforce data
- Huntress's 'hilarious' attacker surveillance splits infosec community
- France Warns Apple Users of New Spyware Campaign
- DELMIA Factory Software Vulnerability Exploited in Attacks
- Popular AI chatbots leaking data millions of users could be affected
- New Buterat Backdoor Malware Found in Enterprise and Government Networks
- KillSec Ransomware is Attacking Healthcare Institutions in Brazil
- Unmasking The Gentlemen Ransomware Tactics, Techniques, and Procedures Revealed
- Axios Abuse and Salty 2FA Kits Fuel Advanced Microsoft 365 Phishing Attacks
- 45 Previously Unreported Domains Expose Longstanding Salt Typhoon Cyber Espionage
- Windows Defender Vulnerability Allows Service Hijacking and Disablement via Symbolic Link Attack
- GhostAction Supply Chain Attack Compromises 3000+ Secrets
- Czech cyber agency NUKIB flags Chinese espionage risks to critical infrastructure
- 18 Popular Code Packages Hacked, Rigged to Steal Crypto
- Salesloft Drift Breach Traced to GitHub Compromise and Stolen OAuth Tokens
- Scattered Lapsus$ Hunters Demand Google Fire Security Experts or Face Data Leak
- NoisyBear Weaponizing ZIP Files to PowerShell Loaders and Exfiltrate Sensitive Data
- GhostRedirector Hacks 65 Windows Servers Using Rungan Backdoor and Gamshen IIS Module
- RapperBot Hijacking Devices to Launch DDoS Attack In a Split Second
- Ukrainian Network FDN3 Launches Massive Brute-Force Attacks on SSL VPN and RDP Devices
- New Report on Commercial Spyware Vendors Detailing Their Targets and Infection Chains
- New Phishing Attack Via OneDrive Attacking C-level Employees for Corporate Credentials
- Iran-Nexus Hackers Abuses Omani Mailbox to Target Global Governments
- Hidden Commands in Images Exploit AI Chatbots and Steal Data
- Android Droppers Now Deliver SMS Stealers and Spyware, Not Just Banking Trojans
- Microsoft Unveils Storm-0501’s Advanced Cloud Ransomware Attack Tactics
- Kea DHCP Server Vulnerability Let Remote Attacker Crash With a Single Crafted Packet
- International coalition calls out three Chinese companies over hacking campaign
- CISA Publish Hunting and Mitigation Guide to Defend Networks from Chinese State-Sponsored Actors
- New Phishing Campaign Abuses ConnectWise ScreenConnect to Take Over Devices
- AI-Powered Ransomware Has Arrived With 'PromptLock'
- MixShell Malware Delivered via Contact Forms Targets U.S. Supply Chain Manufacturers
- Hackers steal data from Salesforce instances in widespread campaign
- Transparent Tribe Targets Indian Govt With Weaponized Desktop Shortcuts via Phishing
- Fake macOS Help Sites Seek to Spread Infostealer in Targeted Campaign
- Credential harvesting campaign targets ScreenConnect cloud administrators
- ClickFix Attack Tricks AI Summaries Into Pushing Malware
- Malicious Go Module Poses as SSH Brute-Force Tool, Steals Credentials via Telegram Bot
- Attackers Abuse Virtual Private Servers to Compromise SaaS Accounts
- APT36 hackers abuse Linux .desktop files to install malware in new attacks
- Hackers Using New QuirkyLoader Malware to Spread Agent Tesla, AsyncRAT and Snake Keylogger
- Oregon man charged with administering “Rapper Bot” DDoS-for-hire Botnet
- Like burglars closing a door, Apache ActiveMQ attackers patch critical vuln after breaking in
- From Campus to C2 Tracking a Persistent Chinese Operation Against Vietnamese Universities
- Web Hosting Firms in Taiwan Attacked by Chinese APT for Access to High-Value Targets
- Microsoft Windows Vulnerability Exploited to Deploy PipeMagic RansomExx Malware
- Man Jailed for 20 Months After Compromising Millions of Accounts
- Cybersecurity in Focus Recent Threats Targeting India Amid Independence Day Celebrations
- 'Blue Locker' Analysis Ransomware Targeting Oil & Gas Sector In Pakistan
- Charon Ransomware Hits Middle East Sectors Using APT-Level Evasion Tactics
- New Ransomware Charon Uses Earth Baxia APT Techniques to Target Enterprises
- Update WinRAR tools now RomCom and others exploiting zero-day vulnerability
- Cybersecurity Firm Profero Cracks DarkBit Ransomware Encryption
- Unmasking SocGholish Silent Push Untangles the Malware Web Behind the “Pioneer of Fake Updates” and Its Operator, TA569
- Ukraine claims to have hacked secrets from Russia's newest nuclear submarine
- The Growing Threat of Mobile Infostealers
- Google suffers data breach in ongoing Salesforce data theft attacks
- SonicWall investigates possible zero-day amid Akira ransomware surge
- GenAI Used For Phishing Websites Impersonating Brazil’s Government
- From Bing Search to Ransomware Bumblebee and AdaptixC2 Deliver Akira
- ShadowSyndicate Infrastructure Used by Multiple Ransomware Groups Including Cl0p, LockBit and RansomHub
- LegalPwn Attack Tricks GenAI Tools Into Misclassifying Malware as Safe Code
- Fake Telegram Premium Site Distributes New Lumma Stealer Variant
- Hackers Regularly Exploit Vulnerabilities Before Public Disclosure, Study Finds
- Arctic Wolf Observes July 2025 Uptick in Akira Ransomware Activity Targeting SonicWall SSL VPN
- AI-Generated Malicious npm Package Drains Solana Funds from 1,500+ Before Takedown
- Unmasking Interlock Group's Evolving Malware Arsenal
- The Commented Kill Chain Why Old Ransomware Playbooks Never Die
- Ransomware in Q2 2025 AI Joins the Crew, Cartels Rise, and Payment Rates Collapse
- From Laptops to Laundromats How DPRK IT Workers Infiltrated the Global Remote Economy
- APT36 Expands Beyond Military New Attacks Hit Indian Railways, Oil & Government Systems
- ShinyHunters behind Salesforce data theft attacks at Qantas, Allianz Life, and LVMH
- Cobalt Strike Beacon delivered via GitHub and social media
- China’s Covert Capabilities | Silk Spun From Hafnium
- Behind Random Words DoubleTrouble Mobile Banking Trojan Revealed
- Anubis and the Death of Data A New Era of Ransomware Operations
- GOLD BLADE remote DLL sideloading attack deploys RedLoader
- Revisiting UNC3886 Tactics to Defend Against Present Risk
- Cybersecurity Scams Targeting Fans and Teams at the 2025 Belgian Grand Prix
- Researchers Expose Massive Online Fake Currency Operation in India
- Florida Student Research Deploys AI to Spot Stealthy Android Malware
- ToolShell, SharePoint, and the Death of the Patch Window
- Methods to Bypass OTP in Mobile Apps Successful VAPT Scenarios
- Hunting Laundry Bear Infrastructure Analysis Guide and Findings
- Unmasking the new Chaos RaaS group attacks
- ToolShell An all-you-can-eat buffet for threat actors
- A Spike in the Desert How GreyNoise Uncovered a Global Pattern of VOIP-Based Telnet Attacks
- US nuclear weapons agency hacked in Microsoft SharePoint attacks
- Signed, Sealed, Altered? Deepdive into PDF Tempering
- Ports are getting smarter and more hackable
- Operation CargoTalon UNG0901 Targets Russian Aerospace & Defense Sector using EAGLET implant.
- HAFNIUM-Linked Hacker Xu Zewei Riding the Tides of China’s Cyber Ecosystem
- Ransomware Group Uses AI Chatbot to Intensify Pressure on Victims
- How DEF CON hacking villages help to save the planet
- Clickfix on macOS AppleScript Malware Campaign Uses Terminal Prompts to Steal Data
- Back to Business Lumma Stealer Returns with Stealthier Methods
- The SOC files Rumble in the jungle or APT41’s new target in Africa
- Microsoft Fix Targets Attacks on SharePoint Zero-Day
- Malware Identified in Attacks Exploiting Ivanti Connect Secure Vulnerabilities
- How China’s Patriotic ‘Honkers’ Became the Nation’s Elite Cyberspies
- Greedy Sponge Targets Mexico with AllaKore RAT and SystemBC
- Getting to the Crux (Ransomware) of the Matter
- The Linuxsys Cryptominer
- Mobile Forensics Tool Used by Chinese Law Enforcement Dissected
- CryptoJacking is dead, long live CryptoJacking
- UNG0002, Regional Threat Operations Tracked Across Multiple Asian Jurisdictions
- Salt Typhoon breach Chinese APT compromises U.S. Army National Guard network
- Ongoing SonicWall Secure Mobile Access (SMA) Exploitation Campaign using the OVERSTEP Backdoor
- Old Miner, New Tricks H2miner Resurfaces with Lcrypt0rx Ransomware
- Threat Actors Exploit SVG Files in Stealthy JavaScript Redirects
- On the Move Fast Flux in the Modern Threat Landscape
- Hyper-volumetric DDoS attacks skyrocket Cloudflare’s 2025 Q2 DDoS threat report
- eSIM Vulnerability in Kigen's eUICC Cards Exposes Billions of IoT Devices to Malicious Attacks
- The Good, the Bad, and the Encoding An SS7 Bypass Attack
- KongTuke FileFix Leads to New Interlock RAT Variant
- GLOBAL GROUP Emerging Ransomware-as-a-Service, Supporting AI Driven Negotiation and Mobile Control Panel for Their Affiliates
- Behind the Clouds Attackers Targeting Governments in Southeast Asia Implement Novel Covert C2 Communication
- Chasing Ghosts Over RDP Lateral Movement in Tiny Bitmaps
- GAO finds progress in cyber information sharing, warns of rising attacks on critical infrastructure
- Where Everybody Knows Your Name Observing Malice-Complicit Nameservers
- Rendershock Weaponizing Trust in File Rendering Pipelines
- Malware of the Day – Multi-Modal C2 Communication – Numinon C2
- Fix the Click Preventing the ClickFix Attack Vector
- Code highlighting with Cursor AI for $500,000
- AMD Warns of New Transient Scheduler Attacks Impacting a Wide Range of CPUs
- GitHub Abused to Spread Malware Disguised as Free VPN
- From Click to Compromise Unveiling the Sophisticated Attack of DoNot APT Group on Southern European Government Entities
- Combolists and ULP Files on the Dark Web A Secondary and Unreliable Source of Information about Compromises
- NordDragonScan Quiet Data-Harvester on Windows
- Hackers abuse leaked Shellter red team tool to deploy infostealers
- Deploying NetSupport RAT via WordPress & ClickFix
- BERT Ransomware Group Targets Asia and Europe on Multiple Platforms
- NightEagle APT Exploits Microsoft Exchange Flaw to Target China's Military and Tech Sectors
- When Installers Turn Evil The Pascal Script Behind Inno Setup Malware Campaign
- Silent Push Uncovers Chinese Fake Marketplace e-Commerce Phishing Campaign
- Exposed JDWP Exploited in the Wild What Happens When Debug Ports Are Left Open
- Okta observes v0 AI tool used to build phishing sites
- Houken seeking a path by living on the edge with zero-days
- Critical Vulnerability in Microsens Devices Exposes Systems to Hackers
- Jasper Sleet North Korean remote IT workers’ evolving tactics to infiltrate organizations
- Hawaiian Airlines Hit by Cybersecurity Incident
- Odyssey Stealer The Rebrand of Poseidon Stealer
- DeepSeek Deception Sainbox RAT & Hidden Rootkit Delivery
- Patch and Persist Darktrace’s Detection of Blind Eagle (APT-C-36)
- Cybercrime is surging across Africa
- Crash (exploit) and burn Securing the offensive cyber supply chain to counter China in cyberspace
- OneClik A ClickOnce-Based APT Campaign Targeting Energy, Oil and Gas Infrastructure
- Cybercriminals Abuse Open-Source Tools To Target Africa’s Financial Sector
- Cryptominers’ Anatomy Shutting Down Mining Botnets
- Chinese “LapDogs” ORB Network Targets US and Asia
- APT36 Phishing Campaign Targets Indian Defense Using Credential-Stealing Malware
- Zoom & doom BlueNoroff call opens the door
- Resurgence of the Prometei Botnet
- Aflac notifies SEC of breach suspected to be work of Scattered Spider
- Part 2 Tracking LummaC2 Infrastructure
- Cobalt Strike Operators Leverage PowerShell Loaders Across Chinese, Russian, and Global Infrastructure
- What’s in an ASP? Creative Phishing Attack on Prominent Academics and Critics of Russia
- Threat actor Banana Squad exploits GitHub repos in new campaign
- Ransomware Gangs Collapse as Qilin Seizes Control
- How Fraudsters Are Poisoning Search Results to Promote Phishing Sites
- PyPI, npm, and AI Tools Exploited in Malware Surge Targeting DevOps and Cloud Environments
- Kali Linux 2025.2 released with 13 new tools, car hacking updates
- Is your AI safe? Threat analysis of MCP (Model Context Protocol)
- Fileless AsyncRAT Distributed Via Clickfix Technique Targeting German Speaking Users
- Anubis A Closer Look at an Emerging Ransomware with Built-in Wiper
- Ransomware Scum Disrupted Utility Services with SimpleHelp Attacks
- JSFireTruck Exploring Malicious JavaScript Using JSF*ck as an Obfuscation Technique
- Fog Ransomware Unusual Toolset Used in Recent Attack
- Toxic trend Another malware threat targets DeepSeek
- Researcher Finds Five Zero-Days and 20+ Misconfigurations in Salesforce Cloud
- Global analysis of Adversary-in-the-Middle phishing threats
- Unmasking the Infrastructure of a Spearphishing Campaign
- iMessage Zero-Click Attacks Suspected in Targeting of High-Value Individuals
- Sleep with one eye open how Librarian Ghouls steal data by night
- GhostVendors Exposed Silent Push Uncovers Massive Network of 4000+ Fraudulent Domains Masquerading as Major Brands
- Follow the Smoke | China-nexus Threat Actors Hammer At the Doors of Top Tier Targets
- DanaBleed DanaBot C2 Server Memory Leak Bug
- Mapping Hidden Alliances in Russian-Affiliated Ransomware
- Operation Endgame Disrupts AvCheck, Forces Threat Actors to Seek Alternatives
- Chinese Hackers Infiltrated U.S. Telecom Networks a Year Earlier Than Previously Known
- Abusing Paste.ee to Deploy XWorm and AsyncRAT Across Global C2 Infrastructure
- The strange tale of ischhfd83 When cybercriminals eat their own
- The Bitter End Unraveling Eight Years of Espionage Antics—Part One
- StormWall Reveals India, China and US Faced Most DDoS Attacks in Q1 2025
- From open-source to open threat Tracking Chaos RAT’s evolution
- Criminals Bribed Outsourced Contractors to Steal Coinbase User Data
- Android malware trends Stealthier, easier-to-use
- The Hidden Cost of Trust New Data Reveals Alarming Employee Engagement with Vendor Email Compromise
- How Threat Actors Exploit Human Trust A Breakdown of the 'Prove You Are Human' Malware Scheme
- Victims risk AsyncRAT infection after being redirected to fake Booking.com sites
- Malicious Ruby Gems Exfiltrate Telegram Tokens and Messages Following Vietnam Ban
- Backdoors in Python and NPM Packages Target Windows and Linux
- Acreed Emerges as Dominant Infostealer Threat Following Lumma Takedown
- Interlock ransomware what you need to know
- Monkey-Patched PyPI Packages Use Transitive Dependencies to Steal Solana Private Keys
- Haozi’s Plug-and-Play Phishing-as-a-Service Has Facilitated $280,000 of Criminal Transactions Over Past Five Months
- Cybercriminals camouflaging threats as AI tool installers
- Zanubis in motion Tracing the active evolution of the Android banking malware
- Pakistan Telecommunication Company (PTCL) Targeted by Bitter APT During Heightened Regional Conflict
- Text-to-Malware How Cybercriminals Weaponize Fake AI-Themed Websites
- New Russia-affiliated actor Void Blizzard targets critical sectors for espionage
- Malware or LLM? Silent Werewolf employs new loaders to attack Russian and Moldovan organizations
- Employees Searching Payroll Portals on Google Tricked Into Sending Paychecks to Hackers
- Earth Lamia Develops Custom Arsenal to Target Multiple Industries
- AIVD and MIVD identify new Russian cyber threat actor
- SilverRAT Source Code Leaked Online Here’s What You Need to Know
- Reborn in Rust AsyncRAT
- Eye of the Storm Dissecting the Playbook of Cyber Toufan
- Operation Sindoor – Anatomy of a Digital Siege