The threat actors behind the DragonForce ransomware gained access to an unnamed Managed Service Provider’s (MSP) SimpleHelp remote monitoring and management (RMM) tool, and then leveraged it to exfiltrate data and drop the locker on multiple endpoints. It’s believed that… Read More "DragonForce Exploits SimpleHelp Flaws to Deploy Ransomware Across Customer Endpoints"
May 29, 2025Ravie LakshmananMalware / Cloud Security Google on Wednesday disclosed that the Chinese state-sponsored threat actor known as APT41 leveraged a malware called TOUGHPROGRESS that uses Google Calendar for command-and-control (C2). The tech giant, which discovered the activity in… Read More "Chinese APT41 Exploits Google Calendar for Malware Command-and-Control Operations"
May 29, 2025Ravie LakshmananVulnerability / Website Security Cybersecurity researchers have disclosed a critical unpatched security flaw impacting TI WooCommerce Wishlist plugin for WordPress that could be exploited by unauthenticated attackers to upload arbitrary files. TI WooCommerce Wishlist, which has over… Read More "Over 100,000 WordPress Sites at Risk from Critical CVSS 10.0 Vulnerability in Wishlist Plugin"
May 28, 2025Ravie LakshmananNetwork Security / Vulnerability Cybersecurity researchers have disclosed details of a coordinated cloud-based scanning activity that targeted 75 distinct “exposure points” earlier this month. The activity, observed by GreyNoise on May 8, 2025, involved as many as… Read More "251 Amazon-Hosted IPs Used in Exploit Scan Targeting ColdFusion, Struts, and Elasticsearch"
May 28, 2025The Hacker NewsIdentity Theft / Enterprise Security Stealer malware no longer just steals passwords. In 2025, it steals live sessions—and attackers are moving faster and more efficiently than ever. While many associate account takeovers with personal services, the… Read More "A 24-Hour Timeline of a Modern Stealer Campaign"
May 28, 2025Ravie LakshmananCybersecurity / Cyber Espionage The Czech Republic on Wednesday formally accused a threat actor associated with the People’s Republic of China (PRC) of targeting its Ministry of Foreign Affairs. In a public statement, the government said it… Read More "Czech Republic Blames China-Linked APT31 Hackers for 2022 Cyberattack"
May 28, 2025Ravie LakshmananRansomware / Data Breach An Iranian national has pleaded guilty in the U.S. over his involvement in an international ransomware and extortion scheme involving the Robbinhood ransomware. Sina Gholinejad (aka Sina Ghaaf), 37, and his co-conspirators are… Read More "Iranian Hacker Pleads Guilty in $19 Million Robbinhood Ransomware Attack on Baltimore"
May 28, 2025Ravie LakshmananIoT Security / Cryptocurrency Embedded Linux-based Internet of Things (IoT) devices have become the target of a new botnet dubbed PumaBot. Written in Go, the botnet is designed to conduct brute-force attacks against SSH instances to expand… Read More "New PumaBot Botnet Targets Linux IoT Devices to Steal SSH Credentials and Mine Crypto"
May 28, 2025Ravie LakshmananData Privacy / Vulnerability Cybersecurity researchers have discovered a security flaw in Microsoft’s OneDrive File Picker that, if successfully exploited, could allow websites to access a user’s entire cloud storage content, as opposed to just the files… Read More "Microsoft OneDrive File Picker Flaw Grants Apps Full Cloud Access — Even When Uploading Just One File"
May 28, 2025The Hacker NewsBrowser Security / Credential Theft Would you expect an end user to log on to a cybercriminal’s computer, open their browser, and type in their usernames and passwords? Hopefully not! But that’s essentially what happens if… Read More "How ‘Browser-in-the-Middle’ Attacks Steal Sessions in Seconds"
