As cybercriminals and nation-state actors increasingly turn to the Rust programming language for malware development, Microsoft’s Threat Intelligence Center has unveiled a powerful new open-source […]
Author: cyberbytes
Cybercriminals take malicious AI to the next level
Cybercriminals have begun refining malicious large language models (LLMs) using underground forum posts and breach dumps to tailor AI models for specific fraud schemes, threat […]
Microsoft hints at revoking access to the Windows kernel — eventually
As Microsoft watchers know, the software giant’s exact words don’t always say what the company means. Last Thursday delivered another example of that, as Microsoft […]
Threat Actors Impersonate WPS Office and DeepSeek to Spread Sainbox RAT
A malicious campaign has emerged, targeting Chinese-speaking users through fake installers of popular software such as WPS Office, Sogou, and DeepSeek. This operation, attributed with […]
New Report Reveals Exploited Vulnerabilities as Leading Cause of Ransomware Attacks on Organizations
A groundbreaking report titled “The State of Ransomware 2025” by Sophos, released in June 2025, has shed light on the persistent and evolving threat of […]
Ahold Delhaize Data Breach Exposes Personal Information of 2.2 Million Shoppers
Ahold Delhaize USA Services, LLC, a major grocery retail operator, has confirmed a significant data breach that compromised the personal information of over 2.2 million […]
RDP Under Siege: How RansomHub Uses Mimikatz and IP Scanners to Breach Networks
A threat actor using the RansomHub ransomware carried out a painstakingly planned attack beginning in November 2024 in a terrifying cyber intrusion that was recently […]
Canada Orders Chinese Vendor Hikvision to Cease Local Surveillance Activities
The Canadian government has ordered Hikvision, one of the world’s largest manufacturers of surveillance cameras, to halt all operations in Canada and shut down its […]
Beyond CVE: The hunt for other sources of vulnerability intel
The recent brief scare over the potential discontinuation of the Common Vulnerabilities and Exposures (CVE) program highlighted the security industry’s heavy reliance on it and […]
IBM WebSphere Application Server Vulnerability Allows Remote Code Execution
A critical security vulnerability, tracked as CVE-2025-36038, has been discovered in IBM WebSphere Application Server, exposing organizations to the risk of remote code execution by unauthenticated […]