backdoor

Attackers use “Contact Us” forms and fake NDAs to phish industrial manufacturing firms

Attackers use “Contact Us” forms and fake NDAs to phish industrial manufacturing firms 2025-08-29 at 14:19 By Zeljka Zorz A recently uncovered phishing campaign – carefully designed to bypass security defenses and avoid detection by its intended victims – is targeting firms in industrial manufacturing and other companies critical to various supply chains, Check Point […]

React to this headline:

Loading spinner

Attackers use “Contact Us” forms and fake NDAs to phish industrial manufacturing firms Read More »

NetScaler ADC/Gateway zero-day exploited by attackers (CVE-2025-7775)

NetScaler ADC/Gateway zero-day exploited by attackers (CVE-2025-7775) 2025-08-26 at 16:35 By Zeljka Zorz Three new vulnerabilities affecting (Citrix) NetScaler application delivery controller (ADC) and Gateway devices have been made public, one of which (CVE-2025-7775) has been targeted in zero-day attacks. “Exploits of CVE-2025-7775 on unmitigated appliances have been observed,” Citrix has confirmed, and released security

React to this headline:

Loading spinner

NetScaler ADC/Gateway zero-day exploited by attackers (CVE-2025-7775) Read More »

Microsoft Dissects PipeMagic Modular Backdoor

Microsoft Dissects PipeMagic Modular Backdoor 2025-08-19 at 17:07 By Ionut Arghire PipeMagic, which poses as a ChatGPT application, is a modular malware framework that provides persistent access and flexibility. The post Microsoft Dissects PipeMagic Modular Backdoor appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React to this headline:

React to this headline:

Loading spinner

Microsoft Dissects PipeMagic Modular Backdoor Read More »

WinRAR zero-day was exploited by two threat actors (CVE-2025-8088)

WinRAR zero-day was exploited by two threat actors (CVE-2025-8088) 2025-08-12 at 16:11 By Zeljka Zorz The RomCom attackers aren’t the only ones that have been leveraging the newly unveiled WinRAR vulnerability (CVE-2025-8088) in zero-day attacks: according to Russian cybersecurity company BI.ZONE, a group tracked as Paper Werewolf has been using it to target Russian organizations.

React to this headline:

Loading spinner

WinRAR zero-day was exploited by two threat actors (CVE-2025-8088) Read More »

WinRAR zero day exploited by RomCom hackers in targeted attacks

WinRAR zero day exploited by RomCom hackers in targeted attacks 2025-08-11 at 12:55 By Sinisa Markovic ESET researchers have discovered a previously unknown vulnerability in WinRAR, exploited in the wild by Russia-aligned group RomCom. If you use WinRAR or related components such as the Windows versions of its command line tools, UnRAR.dll, or the portable

React to this headline:

Loading spinner

WinRAR zero day exploited by RomCom hackers in targeted attacks Read More »

SonicWall SMA devices persistently infected with stealthy OVERSTEP backdoor and rootkit

SonicWall SMA devices persistently infected with stealthy OVERSTEP backdoor and rootkit 2025-07-16 at 20:54 By Zeljka Zorz Unknown intruders are targeting fully patched end-of-life SonicWall Secure Mobile Access (SMA) 100 series appliances and deploying a novel, persistent backdoor / rootkit, analysts with Google’s Threat Intelligence Group (GTIG) have warned. The analysts say UNC6148 – as

React to this headline:

Loading spinner

SonicWall SMA devices persistently infected with stealthy OVERSTEP backdoor and rootkit Read More »

Flaws in Gigabyte Firmware Allow Security Bypass, Backdoor Deployment

Flaws in Gigabyte Firmware Allow Security Bypass, Backdoor Deployment 2025-07-14 at 14:54 By Ionut Arghire Vulnerabilities in Gigabyte firmware implementations could allow attackers to disable Secure Boot and execute code during the early boot phase. The post Flaws in Gigabyte Firmware Allow Security Bypass, Backdoor Deployment appeared first on SecurityWeek. This article is an excerpt

React to this headline:

Loading spinner

Flaws in Gigabyte Firmware Allow Security Bypass, Backdoor Deployment Read More »

Stealthy backdoor found hiding in SOHO devices running Linux

Stealthy backdoor found hiding in SOHO devices running Linux 2025-06-23 at 11:02 By Mirko Zorz SecurityScorecard’s STRIKE team has uncovered a network of compromised small office and home office (SOHO) devices they’re calling LapDogs. The threat is part of a broader shift in how China-Nexus threat actors are using Operational Relay Box (ORB) networks to

React to this headline:

Loading spinner

Stealthy backdoor found hiding in SOHO devices running Linux Read More »

Encryption Backdoors: The Security Practitioners’ View

Encryption Backdoors: The Security Practitioners’ View 2025-06-19 at 14:08 By Kevin Townsend After decades of failed attempts to access encrypted communications, governments are shifting from persuasion to coercion—security experts say the risks are too high. The post Encryption Backdoors: The Security Practitioners’ View appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View

React to this headline:

Loading spinner

Encryption Backdoors: The Security Practitioners’ View Read More »

React Native Aria Packages Backdoored in Supply Chain Attack

React Native Aria Packages Backdoored in Supply Chain Attack 2025-06-09 at 17:22 By Ionut Arghire A threat actor published backdoored versions of 17 NPM packages from GlueStack in a fresh supply chain attack. The post React Native Aria Packages Backdoored in Supply Chain Attack appeared first on SecurityWeek. This article is an excerpt from SecurityWeek

React to this headline:

Loading spinner

React Native Aria Packages Backdoored in Supply Chain Attack Read More »

Backdoored Open Source Malware Repositories Target Novice Cybercriminals

Backdoored Open Source Malware Repositories Target Novice Cybercriminals 2025-06-05 at 16:32 By Ionut Arghire A threat actor has been creating backdoored open source malware repositories to target novice cybercriminals and game cheaters. The post Backdoored Open Source Malware Repositories Target Novice Cybercriminals appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original

React to this headline:

Loading spinner

Backdoored Open Source Malware Repositories Target Novice Cybercriminals Read More »

MITRE Hackers’ Backdoor Has Targeted Windows for Years

MITRE Hackers’ Backdoor Has Targeted Windows for Years 2025-04-17 at 12:02 By Ionut Arghire Windows versions of the BrickStorm backdoor that the Chinese APT used in the MITRE hack last year have been active for years. The post MITRE Hackers’ Backdoor Has Targeted Windows for Years appeared first on SecurityWeek. This article is an excerpt

React to this headline:

Loading spinner

MITRE Hackers’ Backdoor Has Targeted Windows for Years Read More »

Cozy Bear targets EU diplomats with wine-tasting invites (again)

Cozy Bear targets EU diplomats with wine-tasting invites (again) 2025-04-16 at 17:40 By Zeljka Zorz APT29 (aka Cozy Bear, aka Midnight Blizzard) is, once again, targeting European diplomats with fake invitations to wine-tasting events, Check Point researchers have shared. Cozy Bear uses wine-tastings and dinners as a lure In early 2024, Zscaler flagged a low-volume

React to this headline:

Loading spinner

Cozy Bear targets EU diplomats with wine-tasting invites (again) Read More »

Enhanced Version of ‘BPFDoor’ Linux Backdoor Seen in the Wild

Enhanced Version of ‘BPFDoor’ Linux Backdoor Seen in the Wild 2025-04-16 at 14:55 By Ionut Arghire In recent attacks, the state-sponsored backdoor BPFDoor is using a controller to open a reverse shell and move laterally. The post Enhanced Version of ‘BPFDoor’ Linux Backdoor Seen in the Wild appeared first on SecurityWeek. This article is an

React to this headline:

Loading spinner

Enhanced Version of ‘BPFDoor’ Linux Backdoor Seen in the Wild Read More »

Beware fake AutoCAD, SketchUp sites dropping malware

Beware fake AutoCAD, SketchUp sites dropping malware 2025-04-03 at 09:47 By Help Net Security Malware peddlers are saddling users with the TookPS downloader and the Lapmon and TeviRat backdoors via malicious sites that mimic official ones and ostensibly offer legitimate software for download, Kaspersky researchers have warned. Malicious websites (Source: Kaspersky) The list of impersonated

React to this headline:

Loading spinner

Beware fake AutoCAD, SketchUp sites dropping malware Read More »

Undocumented Remote Access Backdoor Found in Unitree Go1 Robot Dog

Undocumented Remote Access Backdoor Found in Unitree Go1 Robot Dog 2025-04-01 at 22:17 By Ryan Naraine The undocumented tunnel allows remote control all robot dogs on the tunnel network and use the vision cameras to see through their eyes. The post Undocumented Remote Access Backdoor Found in Unitree Go1 Robot Dog appeared first on SecurityWeek.

React to this headline:

Loading spinner

Undocumented Remote Access Backdoor Found in Unitree Go1 Robot Dog Read More »

RansomHub affiliate leverages multi-function Betruger backdoor

RansomHub affiliate leverages multi-function Betruger backdoor 2025-03-20 at 12:03 By Zeljka Zorz A RansomHub affiliate is leveraging a new multi-function backdoor dubbed Betruger to perform various actions during their attacks, Symantec researchers have discovered. The Betruger backdoor The malware can take screenshots, log keystroke, scan networks, dump credentials, upload files to a command and control

React to this headline:

Loading spinner

RansomHub affiliate leverages multi-function Betruger backdoor Read More »

Mandiant Uncovers Custom Backdoors on End-of-Life Juniper Routers

Mandiant Uncovers Custom Backdoors on End-of-Life Juniper Routers 2025-03-12 at 18:45 By Ryan Naraine China-nexus cyberespionage group caught planting custom backdoors on end-of-life Juniper Networks Junos OS routers. The post Mandiant Uncovers Custom Backdoors on End-of-Life Juniper Routers appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React to this

React to this headline:

Loading spinner

Mandiant Uncovers Custom Backdoors on End-of-Life Juniper Routers Read More »

Gabbard Decries Britain’s Reported Demand for Apple to Provide Backdoor Access to Users’ Cloud Data

Gabbard Decries Britain’s Reported Demand for Apple to Provide Backdoor Access to Users’ Cloud Data 2025-02-28 at 17:03 By Associated Press The Director of National Intelligence said such a demand would violate Americans’ rights and raise concerns about a foreign government pressuring a U.S.-based technology company. The post Gabbard Decries Britain’s Reported Demand for Apple

React to this headline:

Loading spinner

Gabbard Decries Britain’s Reported Demand for Apple to Provide Backdoor Access to Users’ Cloud Data Read More »

China-based Silver Fox spoofs healthcare app to deliver malware

China-based Silver Fox spoofs healthcare app to deliver malware 2025-02-25 at 18:33 By Zeljka Zorz Silver Fox, a China-based threat actor that may or may not be backed by the Chinese government, has been delivering the ValleyRAT backdoor to unsuspecting users by disguising the malware as legitimate healthcare app (the Philips DICOM viewer), a Windows

React to this headline:

Loading spinner

China-based Silver Fox spoofs healthcare app to deliver malware Read More »

Scroll to Top