Nov 03, 2025Ravie LakshmananCryptocurrency / Threat Intelligence Cybersecurity researchers have flagged a new malicious extension in the Open VSX registry that harbors a remote access trojan called SleepyDuck. According to Secure Annex’s John Tuckner, the extension in question, juan-bianco.solidity-vlang (version… Read More "Malicious VSX Extension “SleepyDuck” Uses Ethereum to Keep Its Command Server Alive"
Nov 03, 2025The Hacker NewsSOC Operations / Exposure Management Security Operations Centers (SOC) today are overwhelmed. Analysts handle thousands of alerts every day, spending much time chasing false positives and adjusting detection rules reactively. SOCs often lack the environmental context… Read More "How Continuous Exposure Management Transforms Security Operations"
Nov 03, 2025Ravie LakshmananCybercrime / Supply Chain Attack Bad actors are increasingly training their sights on trucking and logistics companies with an aim to infect them with remote monitoring and management (RMM) software for financial gain and ultimately steal cargo… Read More "Cybercriminals Exploit Remote Monitoring Tools to Infiltrate Logistics and Freight Networks"
Nov 03, 2025Ravie LakshmananCybersecurity / Hacking News Cyberattacks are getting smarter and harder to stop. This week, hackers used sneaky tools, tricked trusted systems, and quickly took advantage of new security problems—some just hours after being found. No system was… Read More "Lazarus Hits Web3, Intel/AMD TEEs Cracked, Dark Web Leak Tool & More"
Cybersecurity researchers have shed light on two different Android trojans called BankBot-YNRK and DeliveryRAT that are capable of harvesting sensitive data from compromised devices. According to CYFIRMA, which analyzed three different samples of BankBot-YNRK, the malware incorporates features to sidestep… Read More "Researchers Uncover BankBot-YNRK and DeliveryRAT Android Trojans Stealing Financial Data"
Nov 01, 2025Ravie LakshmananArtificial Intelligence / Vulnerability The Australian Signals Directorate (ASD) has issued a bulletin about ongoing cyber attacks targeting unpatched Cisco IOS XE devices in the country with a previously undocumented implant known as BADCANDY. The activity, per… Read More "ASD Warns of Ongoing BADCANDY Attacks Exploiting Cisco IOS XE Vulnerability"
Oct 31, 2025Ravie LakshmananVulnerability / Cyber Attack The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a high-severity security flaw impacting Broadcom VMware Tools and VMware Aria Operations to its Known Exploited Vulnerabilities (KEV) catalog, following reports of… Read More "CISA Flags VMware Zero-Day Exploited by China-Linked Hackers in Active Attacks"
Oct 31, 2025Ravie LakshmananMalware / Secure Coding Eclipse Foundation, which maintains the open-source Open VSX project, said it has taken steps to revoke a small number of tokens that were leaked within Visual Studio Code (VS Code) extensions published in… Read More "Eclipse Foundation Revokes Leaked Open VSX Tokens Following Wiz Discovery"
Oct 31, 2025Ravie LakshmananEndpoint Security / Cyber Espionage The exploitation of a recently disclosed critical security flaw in Motex Lanscope Endpoint Manager has been attributed to a cyber espionage group known as Tick. The vulnerability, tracked as CVE-2025-61932 (CVSS score:… Read More "China-Linked Tick Group Exploits Lanscope Zero-Day to Hijack Corporate Systems"
Oct 31, 2025Ravie LakshmananArtificial Intelligence / Code Security OpenAI has announced the launch of an “agentic security researcher” that’s powered by its GPT-5 large language model (LLM) and is programmed to emulate a human expert capable of scanning, understanding, and… Read More "GPT-5 Agent That Finds and Fixes Code Flaws Automatically"
