Mar 05, 2025Ravie LakshmananOpen Source / Malware Cybersecurity researchers are alerting of an ongoing malicious campaign targeting the Go ecosystem with typosquatted modules that are designed to deploy loader malware on Linux and Apple macOS systems. “The threat actor has… Read More "Seven Malicious Go Packages Found Deploying Malware on Linux and macOS Systems"
Mar 04, 2025Ravie LakshmananNetwork Security / Ransomware Internet service providers (ISPs) in China and the West Coast of the United States have become the target of a mass exploitation campaign that deploys information stealers and cryptocurrency miners on compromised hosts.… Read More "Over 4,000 ISP IPs Targeted in Brute-Force Attacks to Deploy Info Stealers and Cryptominers"
Mar 04, 2025Ravie LakshmananVulnerability / Cloud Security Broadcom has released security updates to address three actively exploited security flaws in VMware ESXi, Workstation, and Fusion products that could lead to code execution and information disclosure. The list of vulnerabilities is… Read More "VMware Security Flaws Exploited in the Wild—Broadcom Releases Urgent Patches"
Mar 04, 2025Ravie LakshmananCybercrime / Threat Intelligence Threat actors deploying the Black Basta and CACTUS ransomware families have been found to rely on the same BackConnect (BC) module for maintaining persistent control over infected hosts, a sign that affiliates previously… Read More "Researchers Link CACTUS Ransomware Tactics to Former Black Basta Affiliates"
Mar 04, 2025Ravie LakshmananCyber Espionage / Malware Threat hunters are calling attention to a new highly-targeted phishing campaign that singled out “fewer than five” entities in the United Arab Emirates (U.A.E.) to deliver a previously undocumented Golang backdoor dubbed Sosano.… Read More "Suspected Iranian Hackers Used Compromised Indian Firm’s Email to Target U.A.E. Aviation Sector"
Credential stuffing attacks had a huge impact in 2024, fueled by a vicious circle of infostealer infections and data breaches. But things could be about to get worse still with Computer-Using Agents, a new kind of AI agent that enables… Read More "How New AI Agents Will Transform Credential Stuffing Attacks"
Mar 04, 2025The Hacker NewsCyber Attack / Vulnerability The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added five security flaws impacting software from Cisco, Hitachi Vantara, Microsoft Windows, and Progress WhatsUp Gold to its Known Exploited Vulnerabilities (KEV)… Read More "Cisco, Hitachi, Microsoft, and Progress Flaws Actively Exploited—CISA Sounds Alarm"
Mar 04, 2025Ravie LakshmananVulnerability / Mobile Security Google has released its monthly Android Security Bulletin for March 2025 to address a total of 44 vulnerabilities, including two that it said have come under active exploitation in the wild. The two… Read More "Google’s March 2025 Android Security Update Fixes Two Actively Exploited Vulnerabilities"
Mar 03, 2025Ravie Lakshmanan This week, a 23-year-old Serbian activist found themselves at the crossroads of digital danger when a sneaky zero-day exploit turned their Android device into a target. Meanwhile, Microsoft pulled back the curtain on a scheme where… Read More "Alerts on Zero-Day Exploits, AI Breaches, and Crypto Heists"
Mar 03, 2025Ravie LakshmananRansomware / Vulnerability Threat actors have been exploiting a security vulnerability in Paragon Partition Manager’s BioNTdrv.sys driver in ransomware attacks to escalate privileges and execute arbitrary code. The zero-day flaw (CVE-2025-0289) is part of a set of… Read More "Hackers Exploit Paragon Partition Manager Driver Vulnerability in Ransomware Attacks"
