Aug 24, 2025Ravie LakshmananMalware / Supply Chain Security Cybersecurity researchers have discovered a malicious Go module that presents itself as a brute-force tool for SSH but actually contains functionality to discreetly exfiltrate credentials to its creator. “On the first successful… Read More "Malicious Go Module Poses as SSH Brute-Force Tool, Steals Credentials via Telegram Bot"
Cybersecurity researchers are calling attention to multiple campaigns that leverage known security vulnerabilities and expose Redis servers to various malicious activities, including leveraging the compromised devices as IoT botnets, residential proxies, or cryptocurrency mining infrastructure. The first set of attacks… Read More "GeoServer Exploits, PolarEdge, and Gayfemboy Push Cybercrime Beyond Traditional Botnets"
Aug 22, 2025Ravie LakshmananOnline Fraud / Financial Crime INTERPOL on Friday announced that authorities from 18 countries across Africa have arrested 1,209 cybercriminals who targeted 88,000 victims. “The crackdown recovered $97.4 million and dismantled 11,432 malicious infrastructures, underscoring the global… Read More "INTERPOL Arrests 1,209 Cybercriminals Across 18 African Nations in Global Crackdown"
Cybersecurity researchers have shed light on a novel attack chain that employs phishing emails to deliver an open-source backdoor called VShell. The “Linux-specific malware infection chain that starts with a spam email with a malicious RAR archive file,” Trellix researcher… Read More "Linux Malware Delivered via Malicious RAR Filenames Evades Antivirus Detection"
Cybersecurity researchers are calling attention to malicious activity orchestrated by a China-nexus cyber espionage group known as Murky Panda that involves abusing trusted relationships in the cloud to breach enterprise networks. “The adversary has also shown considerable ability to quickly… Read More "Chinese Hackers Murky, Genesis, and Glacial Panda Escalate Cloud and Telecom Espionage"
Aug 22, 2025The Hacker NewsPenetration Testing / Security Operations Pentesting remains one of the most effective ways to identify real-world security weaknesses before adversaries do. But as the threat landscape has evolved, the way we deliver pentest results hasn’t kept… Read More "Automation Is Redefining Pentest Delivery"
Aug 22, 2025Ravie LakshmananCybercrime / Malware A 55-year-old Chinese national has been sentenced to four years in prison and three years of supervised release for sabotaging his former employer’s network with custom malware and deploying a kill switch that locked… Read More "Ex-Developer Jailed Four Years for Sabotaging Ohio Employer with Kill-Switch Malware"
Aug 21, 2025Ravie LakshmananMalware / Cryptocurrency Threat actors have been observed leveraging the deceptive social engineering tactic known as ClickFix to deploy a versatile backdoor codenamed CORNFLAKE.V3. Google-owned Mandiant described the activity, which it tracks as UNC5518, as part of… Read More "Cybercriminals Deploy CORNFLAKE.V3 Backdoor via ClickFix Tactic and Fake CAPTCHA Pages"
Aug 21, 2025Ravie LakshmananVulnerability / Software Security Commvault has released updates to address four security gaps that could be exploited to achieve remote code execution on susceptible instances. The list of vulnerabilities, identified in Commvault versions before 11.36.60, is as… Read More "Pre-Auth Exploit Chains Found in Commvault Could Enable Remote Code Execution Attacks"
Aug 21, 2025Ravie LakshmananMalware / Email Security Cybersecurity researchers have disclosed details of a new malware loader called QuirkyLoader that’s being used to deliver via email spam campaigns an array of next-stage payloads ranging from information stealers to remote access… Read More "Hackers Using New QuirkyLoader Malware to Spread Agent Tesla, AsyncRAT and Snake Keylogger"
