Jul 09, 2025Ravie LakshmananMalware / Cyber Espionage A threat actor with suspected ties to India has been observed targeting a European foreign affairs ministry with malware capable of harvesting sensitive data from compromised hosts. The activity has been attributed by… Read More "DoNot APT Expands Operations, Targets European Foreign Ministries with LoptikMod Malware"
A Chinese national has been arrested in Milan, Italy, for his alleged links to a state-sponsored hacking group known as Silk Typhoon and for carrying out cyber attacks against American organizations and government agencies. The 33-year-old, Xu Zewei, has been… Read More "Chinese Hacker Xu Zewei Arrested for Ties to Silk Typhoon Group and U.S. Cyber Attacks"
For the first time in 2025, Microsoft’s Patch Tuesday updates did not bundle fixes for exploited security vulnerabilities, but acknowledged one of the addressed flaws had been publicly known. The patches resolve a whopping 130 vulnerabilities, along with 10 other… Read More "Microsoft Patches 130 Vulnerabilities, Including Critical Flaws in SPNEGO and SQL Server"
A newly released report by cybersecurity firm CTM360 reveals a large-scale scam operation utilizing fake news websites—known as Baiting News Sites (BNS)—to deceive users into online investment fraud across 50 countries. These BNS pages are made to look like real… Read More "Over 17,000 Fake News Websites Caught Fueling Investment Fraud Globally"
Cybersecurity researchers are calling attention to a malware campaign that’s targeting security flaws in TBK digital video recorders (DVRs) and Four-Faith routers to rope the devices into a new botnet called RondoDox. The vulnerabilities in question include CVE-2024-3721, a medium-severity… Read More "RondoDox Botnet Exploits Flaws in TBK DVRs and Four-Faith Routers to Launch DDoS Attacks"
Jul 08, 2025Ravie LakshmananMalware / Mobile Security Cybersecurity researchers have discovered an Android banking malware campaign that has leveraged a trojan named Anatsa to target users in North America using malicious apps published on Google’s official app marketplace. The malware,… Read More "Anatsa Android Banking Trojan Hits 90,000 Users with Fake PDF App on Google Play"
Jul 08, 2025Ravie LakshmananMalware / Cybercrime In yet another instance of threat actors repurposing legitimate tools for malicious purposes, it has been discovered that hackers are exploiting a popular red teaming tool called Shellter to distribute stealer malware. The company… Read More "Hackers Use Leaked Shellter Tool License to Spread Lumma Stealer and SectopRAT Malware"
Cybersecurity researchers have flagged a supply chain attack targeting a Microsoft Visual Studio Code (VS Code) extension called Ethcode that has been installed a little over 6,000 times. The compromise, per ReversingLabs, occurred via a GitHub pull request that was… Read More "Malicious Pull Request Targets 6,000+ Developers via Vulnerable Ethcode VS Code Extension"
From overprivileged admin roles to long-forgotten vendor tokens, these attackers are slipping through the cracks of trust and access. Here’s how five retail breaches unfolded, and what they reveal about… In recent months, major retailers like Adidas, The North Face,… Read More "5 Ways Identity-based Attacks Are Breaching Retail"
Jul 08, 2025Ravie LakshmananCyber Espionage / Threat Intelligence Russian organizations have been targeted as part of an ongoing campaign that delivers a previously undocumented Windows spyware called Batavia. The activity, per cybersecurity vendor Kaspersky, has been active since July 2024.… Read More "Researchers Uncover Batavia Windows Spyware Stealing Documents from Russian Firms"
