Malware & Threats

Huntress Documents In-The-Wild Exploitation of Critical Gladinet Vulnerabilities

2025-04-14 at 20:31, by Ryan Naraine. The flaw, tagged as CVE-2025-30406, was added to CISA’s Known Exploited Vulnerabilities (KEV) catalog in early April. Source: SecurityWeek.

New ‘ResolverRAT’ Targeting Healthcare, Pharmaceutical Organizations

2025-04-14 at 16:49, by Ionut Arghire. Organizations in the healthcare and pharmaceutical sectors have been targeted with ResolverRAT, a new malware family with advanced capabilities. Source: SecurityWeek.

Threat Actor Allegedly Selling Fortinet Firewall Zero-Day Exploit

2025-04-14 at 16:49, by Ionut Arghire. A threat actor claims to offer a zero-day exploit for an unauthenticated remote code execution vulnerability in Fortinet firewalls. Source: SecurityWeek.

Rapid7 Reveals RCE Path in Ivanti VPN Appliance After Silent Patch Debacle

2025-04-11 at 21:05, by Ryan Naraine. CVE-2025-22457 has already been exploited by a China-nexus hacking gang notorious for breaking into edge network devices. Source: SecurityWeek.

Europol Targets Customers of Smokeloader Pay-Per-Install Botnet

2025-04-10 at 18:16, by Ionut Arghire. Law enforcement agencies in multiple countries have announced the arrests of users of the malicious Smokeloader botnet. Source: SecurityWeek.

‘AkiraBot’ Spammed 80,000 Websites With AI-Generated Messages

2025-04-10 at 12:00, by Ionut Arghire. CAPTCHA-evading Python framework AkiraBot has spammed over 80,000 websites with AI-generated spam messages. Source: SecurityWeek.

Microsoft Patches 125 Windows Vulns, Including Exploited CLFS Zero-Day

2025-04-08 at 22:03, by Ryan Naraine. Patch Tuesday: Microsoft ships urgent cover for another Windows CLFS vulnerability already exploited in the wild. Source: SecurityWeek.

Adobe Calls Urgent Attention to Critical ColdFusion Flaws

2025-04-08 at 21:08, by Ryan Naraine. The Adobe Patch Tuesday rollout covers 54 vulnerabilities, including code execution issues in the oft-targeted Adobe ColdFusion software. Source: SecurityWeek.

Octane Raises $6.75M for Smart Contract Security Tech

2025-04-08 at 19:05, by SecurityWeek News. San Francisco smart contract security startup closes a $6.75 million seed funding round led by Archetype and Winklevoss Capital. Source: SecurityWeek.

Threat Actors Setting Up Persistent Access to Hosts Hacked in CrushFTP Attacks

2025-04-08 at 12:06, by Eduard Kovacs. Huntress has shared details on the post-exploitation activities of threat actors targeting the recent CrushFTP vulnerability. Source: SecurityWeek.

US, Allies Warn of Threat Actors Using ‘Fast Flux’ to Hide Server Locations

2025-04-04 at 15:29, by Ionut Arghire. US and allied countries warn of threat actors using the “fast flux” technique to change DNS records and hide malicious servers’ locations. Source: SecurityWeek.

Chinese APT Pounces on Misdiagnosed RCE in Ivanti VPN Appliances 

2025-04-03 at 20:17, by Ryan Naraine. Ivanti misdiagnoses a remote code execution vulnerability and Mandiant reports that Chinese hackers are launching in-the-wild exploits. Source: SecurityWeek.

Undocumented Remote Access Backdoor Found in Unitree Go1 Robot Dog

2025-04-01 at 22:17, by Ryan Naraine. The undocumented tunnel allows remote control of all robot dogs on the tunnel network and use of the vision cameras to see through their eyes. Source: SecurityWeek.

Threat Actors Deploy WordPress Malware in ‘mu-plugins’ Directory

2025-03-31 at 18:07, by Ionut Arghire. Sucuri has discovered multiple malware families deployed in the WordPress mu-plugins directory to evade routine security checks. Source: SecurityWeek.

‘Crocodilus’ Android Banking Trojan Allows Device Takeover, Data Theft

2025-03-31 at 14:05, by Ionut Arghire. The newly identified Android banking trojan Crocodilus takes over devices, enabling overlay attacks, remote control, and keylogging. Source: SecurityWeek.

CISA Analyzes Malware Used in Ivanti Zero-Day Attacks

2025-03-31 at 13:37, by Ionut Arghire. CISA has published its analysis of Resurge, a SpawnChimera malware variant used in attacks targeting a recent Ivanti Connect Secure zero-day. Source: SecurityWeek.

9-Year-Old NPM Crypto Package Hijacked for Information Theft

2025-03-28 at 14:32, by Ionut Arghire. Nearly a dozen crypto packages on NPM, including one published 9 years ago, have been hijacked to deliver infostealers. Source: SecurityWeek.

Fresh Grandoreiro Banking Trojan Campaigns Target Latin America, Europe

2025-03-28 at 12:33, by Ionut Arghire. The Grandoreiro banking trojan has reemerged in new campaigns targeting users in Latin America and Europe. Source: SecurityWeek.

Russian Ransomware Gang Exploited Windows Zero-Day Before Patch

2025-03-26 at 18:26, by Ryan Naraine. Exploitation of Windows MMC zero-day is being pinned on a ransomware gang known as EncryptHub (an affiliate of RansomHub). Source: SecurityWeek.

AMTSO Releases Sandbox Evaluation Framework

2025-03-26 at 17:31, by Eduard Kovacs. AMTSO has developed a Sandbox Evaluation Framework to standardize the testing of malware analysis solutions. Source: SecurityWeek.
