Shadowserver observed that 41,500+ internet-exposed VMware ESXi hypervisors as of March 4, 2025, are vulnerable to CVE-2025-22224, a critical zero-day vulnerability actively exploited in attacks. […]
APT29 Deploys GRAPELOADER Malware Targeting European Diplomats Through Wine-Tasting Lures
The Russian state-sponsored threat actor known as APT29 has been…
Rogue npm Packages Mimic Telegram Bot API to Plant SSH Backdoors on Linux Systems
Cybersecurity researchers have uncovered three malicious packages in the npm…
10 Best Patch Management Tools 2025
In today’s digital landscape, maintaining secure and efficient IT systems…
10 Best Cloud Security Solutions 2025
In today’s digital era, businesses are increasingly adopting cloud computing…
Chinese Hackers Exploit Ivanti Connect Secure Flaw to Gain Unauthorized Access
In a sophisticated cyber-espionage operation, a group known as UNC5221,…
Chinese Smishing Kit Powers Widespread Toll Fraud Campaign Targeting U.S. Users in 8 States
Cybersecurity researchers are warning of a "widespread and ongoing" SMS phishing campaign that's been targeting toll road users in the United States for financial theft since mid-October 2024. "The toll road smishing attacks are being carried out by multiple financially motivated threat actors using the smishing kit developed by 'Wang Duo Yu,'" Cisco Talos researchers Azim Khodjibaev, Chetan The original article found on The Hacker News Read More
APT29 Deploys GRAPELOADER Malware Targeting European Diplomats Through Wine-Tasting Lures
The Russian state-sponsored threat actor known as APT29 has been…
Rogue npm Packages Mimic Telegram Bot API to Plant SSH Backdoors on Linux Systems
Cybersecurity researchers have uncovered three malicious packages in the npm…
Chinese Hackers Exploit Ivanti Connect Secure Flaw to Gain Unauthorized Access
In a sophisticated cyber-espionage operation, a group known as UNC5221,…
10 Best Cloud Security Solutions 2025
In today’s digital era, businesses are increasingly adopting cloud computing…
10 Best Patch Management Tools 2025
In today’s digital landscape, maintaining secure and efficient IT systems…
CISA Warns: Old DNS Trick ‘Fast Flux’ Is Still Thriving
An old DNS switcheroo technique is still helping attackers keep…
Evilginx Tool (Still) Bypasses MFA
Based on the open source NGINX Web server, the malicious…
5 Identity Threat Detection & Response Must-Haves for Super SaaS Security
Identity-based attacks are on the rise. Attackers are targeting identities…
Hackers Could Drop Teams Malware via Browser’s Cache Smuggling
A novel attack vector combining browser cache exploitation and DLL…
150,000 Sites Compromised by JavaScript Injection Promoting Chinese Gambling Platforms
An ongoing campaign that infiltrates legitimate websites with malicious JavaScript…
12 Chinese Hackers Charged For Cyber Attacks on U.S Treasury
The U.S. Department of Justice (DOJ) unsealed indictments today against 12 Chinese nationals linked to state-sponsored cyber espionage campaigns targeting the U.S. Treasury Department, religious […]
The risks of standing down: Why halting US cyber ops against Russia erodes deterrence
The recent order directing US Cyber Command to halt all planning of offensive cyber operations against Russia is more than a tactical shift — it […]
Positiv denken für Sicherheitsentscheider: 6 Mindsets, die Sie sofort ablegen sollten
In einem falschen Security-Mindset gefangen? Foto: Paul Craft – shutterstock.com Dass Jobs im Bereich Cybersecurity ein hohes Burnout-Potenzial aufweisen, ist längst kein Geheimnis mehr: Das […]
_John_Williams_RF_Alamy.jpg)
Aryon Security Launches to Tackle Cloud Misconfigurations
The new cloud security startup uses AI to scan cloud applications and systems for issues before they are deployed. The original article found on darkreading […]
.webp)
BadBox Malware from Google Play Hacked 50,000+ Android Devices Using 24 Apps
HUMAN Security’s Satori Threat Intelligence team has uncovered a sophisticated malware operation dubbed “BADBOX 2.0” that compromised over 50,000 Android devices using 24 deceptive applications. […]
Espionage Actor ‘Lotus Blossom’ Targets South East Asia
The threat actor, of unknown origin, is deploying a proprietary backdoor malware known as “Sagerunex” against critical infrastructure in Hong Kong, Philippines, Taiwan, and Vietnam. […]
China’s Silk Typhoon APT Shifts to IT Supply Chain Attacks
The nation-state threat group has been breaching providers of remote management tools, identity management providers, and other IT companies to access networks of targeted entities, […]
Qualcomm, MediaTek Release Security Fix Bonanza
The chipmakers patched bugs, mostly critical and high severity, that affect everything from smartphones to TVs to artificial intelligence platforms. The original article found on […]
‘Crafty Camel’ APT Targets Aviation, OT With Polygot Files
The Iran-linked nation-state group made its debut with a stealthy, sophisticated, and laser-focused cyber-espionage attack on targets in UAE. The original article found on darkreading […]