Mandiant researchers found the routers of several unnamed organizations (likely telcos and ISPs) were hacked by UNC3886, and contained a custom backdoor called “TinyShell.” ​The […]
Apple Drops Another WebKit Zero-Day Bug
A threat actor leveraged the vulnerability in an “extremely sophisticated” attack on targeted iOS users, the company says. ​The original article found on darkreading Read […]
_Jochen_Tack_Alamy.png)
Volt Typhoon Strikes Massachusetts Power Utility
The prolonged attack, which lasted 300+ days, is the first known compromise of the US electric grid by the Voltzite subgroup of the Chinese APT; […]
Chinese Hackers Breach Juniper Networks Routers With Custom Backdoors and Rootkits
The China-nexus cyber espionage group tracked as UNC3886 has been observed targeting end-of-life MX routers from Juniper Networks as part of a campaign designed to […]
‘Ballista’ Botnet Exploits 2023 Vulnerability in TP-Link Routers
In the past, the vulnerability was exploited to drop Mirai botnet malware. Today, it’s being used once more for another botnet campaign with its own […]
_Illia_Uriadnikov_Alamy.jpg)
The CISO as Business Resilience Architect
To truly become indispensable in the boardroom, CISOs need to meet the dual demands of defending against sophisticated adversaries while leading resilience strategies. ​The original […]
Over 400 IPs Exploiting Multiple SSRF Vulnerabilities in Coordinated Cyber Attack
Threat intelligence firm GreyNoise is warning of a “coordinated surge” in the exploitation of Server-Side Request Forgery (SSRF) vulnerabilities spanning multiple platforms. “At least 400 […]
Critical Windows Remote Desktop Services Vulnerability Lets Attackers Execute Malicious Code
Microsoft has released its March security update, addressing 57 vulnerabilities across its product range, including six critical flaws. Among the critical vulnerabilities are CVE-2025-24035 and […]
CISA Warns of Windows NTFS Vulnerability Actively Exploited to Access Sensitive Data
The Cybersecurity and Infrastructure Security Agency (CISA) escalated its cybersecurity alert, by adding six critical Microsoft Windows vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, […]
.webp)
New Fully Undetected Anubis Malware Let Hackers Execute Remote Commands
A newly discovered Python-based backdoor called AnubisBackdoor is enabling threat actors to execute remote commands on compromised systems while completely evading detection by most antivirus […]