Malware & Threats

In Other News: NullPoint Source Code Leak, $17,500 for iPhone Flaw, BreachForums Down

In Other News, Malware & Threats /

In Other News: NullPoint Source Code Leak, $17,500 for iPhone Flaw, BreachForums Down 2025-05-02 at 15:23 By SecurityWeek News Noteworthy stories that might have slipped under the radar: NullPoint Stealer source code leaked, researcher earns $17,500 from Apple for vulnerability, BreachForums down after zero-day exploitation by police. The post In Other News: NullPoint Source Code […]

React to this headline:

Loading spinner

In Other News: NullPoint Source Code Leak, $17,500 for iPhone Flaw, BreachForums Down Read More »

Chinese APT’s Adversary-in-the-Middle Tool Dissected

AitM, China, Malware, Malware & Threats, TheWizards /

Chinese APT’s Adversary-in-the-Middle Tool Dissected 2025-05-01 at 14:18 By Ionut Arghire ESET has analyzed Spellbinder, the IPv6 SLAAC spoofing tool Chinese APT TheWizards uses to deploy its WizardNet backdoor. The post Chinese APT’s Adversary-in-the-Middle Tool Dissected appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React to this headline:

React to this headline:

Loading spinner

Chinese APT’s Adversary-in-the-Middle Tool Dissected Read More »

Verizon DBIR Flags Major Patch Delays on VPNs, Edge Appliances 

Data Breaches, DBIR, Fortinet, Incident Response, Ivanti, Malware & Threats, Ransomware, SonicWall, Verizon /

Verizon DBIR Flags Major Patch Delays on VPNs, Edge Appliances  2025-04-24 at 18:12 By Ryan Naraine The latest Verizon DBIR landed this week with a startling statistic about the security posture of VPNs and network edge devices. The post Verizon DBIR Flags Major Patch Delays on VPNs, Edge Appliances  appeared first on SecurityWeek. This article

React to this headline:

Loading spinner

Verizon DBIR Flags Major Patch Delays on VPNs, Edge Appliances  Read More »

Many Malware Campaigns Linked to Proton66 Network

ASN, bulletproof hosting, Malware, Malware & Threats, Proton66 /

Many Malware Campaigns Linked to Proton66 Network 2025-04-22 at 14:33 By Ionut Arghire Security researchers detail various malware campaigns that use bulletproof services linked to Proton66 ASN. The post Many Malware Campaigns Linked to Proton66 Network appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React to this headline:

React to this headline:

Loading spinner

Many Malware Campaigns Linked to Proton66 Network Read More »

North Korean Cryptocurrency Thieves Caught Hijacking Zoom ‘Remote Control’ Feature

Bybit, Cryptocurrency, Fraud & Identity Theft, Lazarus, Malware & Threats, North Korea, social engineering, Zoom /

North Korean Cryptocurrency Thieves Caught Hijacking Zoom ‘Remote Control’ Feature 2025-04-21 at 19:02 By Ryan Naraine North Korean cryptocurrency thieves abusing Zoom Remote collaboration feature to target cryptocurrency traders with malware. The post North Korean Cryptocurrency Thieves Caught Hijacking Zoom ‘Remote Control’ Feature appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View

React to this headline:

Loading spinner

North Korean Cryptocurrency Thieves Caught Hijacking Zoom ‘Remote Control’ Feature Read More »

MITRE Hackers’ Backdoor Has Targeted Windows for Years

backdoor, BrickStorm, China, Malware & Threats, MITRE /

MITRE Hackers’ Backdoor Has Targeted Windows for Years 2025-04-17 at 12:02 By Ionut Arghire Windows versions of the BrickStorm backdoor that the Chinese APT used in the MITRE hack last year have been active for years. The post MITRE Hackers’ Backdoor Has Targeted Windows for Years appeared first on SecurityWeek. This article is an excerpt

React to this headline:

Loading spinner

MITRE Hackers’ Backdoor Has Targeted Windows for Years Read More »

Apple Quashes Two Zero-Days With iOS, MacOS Patches

apple, CVE-2025-31200, CVE-2025-31201, Featured, iOS 18.4.1, macOS, Malware & Threats, Vulnerabilities, Zero-Day /

Apple Quashes Two Zero-Days With iOS, MacOS Patches 2025-04-16 at 23:38 By Ryan Naraine The vulnerabilities are described as code execution and mitigation bypass issues that affect Apple’s iOS, iPadOS and macOS platforms. The post Apple Quashes Two Zero-Days With iOS, MacOS Patches appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View

React to this headline:

Loading spinner

Apple Quashes Two Zero-Days With iOS, MacOS Patches Read More »

Enhanced Version of ‘BPFDoor’ Linux Backdoor Seen in the Wild

backdoor, BPFDoor, China, Malware, Malware & Threats /

Enhanced Version of ‘BPFDoor’ Linux Backdoor Seen in the Wild 2025-04-16 at 14:55 By Ionut Arghire In recent attacks, the state-sponsored backdoor BPFDoor is using a controller to open a reverse shell and move laterally. The post Enhanced Version of ‘BPFDoor’ Linux Backdoor Seen in the Wild appeared first on SecurityWeek. This article is an

React to this headline:

Loading spinner

Enhanced Version of ‘BPFDoor’ Linux Backdoor Seen in the Wild Read More »

Microsoft Warns of Node.js Abuse for Malware Delivery

Malware, Malware & Threats, Node.js /

Microsoft Warns of Node.js Abuse for Malware Delivery 2025-04-16 at 14:01 By Eduard Kovacs In the past months Microsoft has seen multiple campaigns involving Node.js to deliver malware and other malicious payloads. The post Microsoft Warns of Node.js Abuse for Malware Delivery appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original

React to this headline:

Loading spinner

Microsoft Warns of Node.js Abuse for Malware Delivery Read More »

Conduent Says Names, Social Security Numbers Stolen in Cyberattack

conduent, Incident Response, Malware & Threats, Ransomware, Safepay, SEC /

Conduent Says Names, Social Security Numbers Stolen in Cyberattack 2025-04-15 at 17:34 By Ionut Arghire The business services provider confirms personal information such as names and Social Security numbers was stolen in a January cyberattack. The post Conduent Says Names, Social Security Numbers Stolen in Cyberattack appeared first on SecurityWeek. This article is an excerpt

React to this headline:

Loading spinner

Conduent Says Names, Social Security Numbers Stolen in Cyberattack Read More »

Huntress Documents In-The-Wild Exploitation of Critical Gladinet Vulnerabilities

CrushFTP, CVE-2025-30406, Gladinet, Malware & Threats, Supply Chain Security, Triofox /

Huntress Documents In-The-Wild Exploitation of Critical Gladinet Vulnerabilities 2025-04-14 at 20:31 By Ryan Naraine The flaw, tagged as CVE-2025-30406, was added to CISA’s Known Exploited Vulnerabilities (KEV) catalog in early April. The post Huntress Documents In-The-Wild Exploitation of Critical Gladinet Vulnerabilities appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

React to this headline:

Loading spinner

Huntress Documents In-The-Wild Exploitation of Critical Gladinet Vulnerabilities Read More »

New ‘ResolverRAT’ Targeting Healthcare, Pharmaceutical Organizations

cybercrime, Malware, Malware & Threats, Morphisec, ResolverRat /

New ‘ResolverRAT’ Targeting Healthcare, Pharmaceutical Organizations 2025-04-14 at 16:49 By Ionut Arghire Organizations in the healthcare and pharmaceutical sectors have been targeted with ResolverRAT, a new malware family with advanced capabilities. The post New ‘ResolverRAT’ Targeting Healthcare, Pharmaceutical Organizations appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React to

React to this headline:

Loading spinner

New ‘ResolverRAT’ Targeting Healthcare, Pharmaceutical Organizations Read More »

Threat Actor Allegedly Selling Fortinet Firewall Zero-Day Exploit

CVE-2022-42475, CVE-2023-27997, CVE-2024-21762, Fortinet, FortiOS, Malware & Threats, ThreatMon, Vulnerabilities /

Threat Actor Allegedly Selling Fortinet Firewall Zero-Day Exploit 2025-04-14 at 16:49 By Ionut Arghire A threat actor claims to offer a zero-day exploit for an unauthenticated remote code execution vulnerability in Fortinet firewalls. The post Threat Actor Allegedly Selling Fortinet Firewall Zero-Day Exploit appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View

React to this headline:

Loading spinner

Threat Actor Allegedly Selling Fortinet Firewall Zero-Day Exploit Read More »

Rapid7 Reveals RCE Path in Ivanti VPN Appliance After Silent Patch Debacle

Connect Secure, CVE-2025-22457, Incident Response, Ivanti, Malware & Threats, Mandiant, Rapid7, VPN, Vulnerabilities /

Rapid7 Reveals RCE Path in Ivanti VPN Appliance After Silent Patch Debacle 2025-04-11 at 21:05 By Ryan Naraine The CVE-2025-22457 has already been exploited by a China-nexus hacking gang notorious for breaking into edge network devices. The post Rapid7 Reveals RCE Path in Ivanti VPN Appliance After Silent Patch Debacle appeared first on SecurityWeek. This

React to this headline:

Loading spinner

Rapid7 Reveals RCE Path in Ivanti VPN Appliance After Silent Patch Debacle Read More »

Europol Targets Customers of Smokeloader Pay-Per-Install Botnet

botnet, Europol, Malware & Threats, Operation Endgame, Smokeloader, Tracking & Law Enforcement, Trickbot /

Europol Targets Customers of Smokeloader Pay-Per-Install Botnet 2025-04-10 at 18:16 By Ionut Arghire Law enforcement agencies in multiple countries have announced the arrests of users of the malicious Smokeloader botnet. The post Europol Targets Customers of Smokeloader Pay-Per-Install Botnet appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React to

React to this headline:

Loading spinner

Europol Targets Customers of Smokeloader Pay-Per-Install Botnet Read More »

‘AkiraBot’ Spammed 80,000 Websites With AI-Generated Messages

AkiraBot, Malware & Threats, SEO, spam /

‘AkiraBot’ Spammed 80,000 Websites With AI-Generated Messages 2025-04-10 at 12:00 By Ionut Arghire CAPTCHA-evading Python framework AkiraBot has spammed over 80,000 websites with AI-generated spam messages. The post ‘AkiraBot’ Spammed 80,000 Websites With AI-Generated Messages appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React to this headline:

React to this headline:

Loading spinner

‘AkiraBot’ Spammed 80,000 Websites With AI-Generated Messages Read More »

Microsoft Patches 125 Windows Vulns, Including Exploited CLFS Zero-Day

CVE-2025-29824, Featured, Malware & Threats, Microsoft, Patch Tuesday, Vulnerabilities, Windows CLFS, Zero-Day /

Microsoft Patches 125 Windows Vulns, Including Exploited CLFS Zero-Day 2025-04-08 at 22:03 By Ryan Naraine Patch Tuesday: Microsoft ships urgent cover for another WIndows CLFS vulnerability already exploited in the wild. The post Microsoft Patches 125 Windows Vulns, Including Exploited CLFS Zero-Day appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original

React to this headline:

Loading spinner

Microsoft Patches 125 Windows Vulns, Including Exploited CLFS Zero-Day Read More »

Adobe Calls Urgent Attention to Critical ColdFusion Flaws

Adobe, Adobe Commerce, ColdFusion, Malware & Threats, Patch Tuesday, Photoshop, Vulnerabilities /

Adobe Calls Urgent Attention to Critical ColdFusion Flaws 2025-04-08 at 21:08 By Ryan Naraine The Adobe Patch Tuesday rollout covers 54 vulnerabilities, including code execution issues in the oft-targeted Adobe ColdFusion software. The post Adobe Calls Urgent Attention to Critical ColdFusion Flaws appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original

React to this headline:

Loading spinner

Adobe Calls Urgent Attention to Critical ColdFusion Flaws Read More »

Octane Raises $6.75M for Smart Contract Security Tech

Artificial Intelligence, blockchain, Cryptocurrency, Malware & Threats, Octane, seed-stage, smart contracts /

Octane Raises $6.75M for Smart Contract Security Tech 2025-04-08 at 19:05 By SecurityWeek News San Francisco smart contract security startup closes a $6.75 million seed funding round led by Archetype and Winklevoss Capital. The post Octane Raises $6.75M for Smart Contract Security Tech appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View

React to this headline:

Loading spinner

Octane Raises $6.75M for Smart Contract Security Tech Read More »

Threat Actors Setting Up Persistent Access to Hosts Hacked in CrushFTP Attacks

CrushFTP, CVE-2025-31161, exploited, Malware & Threats /

Threat Actors Setting Up Persistent Access to Hosts Hacked in CrushFTP Attacks 2025-04-08 at 12:06 By Eduard Kovacs Huntress has shared details on the post-exploitation activities of threat actors targeting the recent CrushFTP vulnerability. The post Threat Actors Setting Up Persistent Access to Hosts Hacked in CrushFTP Attacks appeared first on SecurityWeek. This article is

React to this headline:

Loading spinner

Threat Actors Setting Up Persistent Access to Hosts Hacked in CrushFTP Attacks Read More »

Scroll to Top