Malware & Threats

Chinese APT Weaver Ant Targeting Telecom Providers in Asia

2025-03-25 at 13:54, by Ionut Arghire. Weaver Ant, a cyberespionage-focused APT operating out of China, is targeting telecom providers for persistent access. Originally published on SecurityWeek.


Medusa Ransomware Uses Malicious Driver to Disable Security Tools

2025-03-24 at 13:46, by Ionut Arghire. The Medusa ransomware relies on a malicious Windows driver to disable the security tools running on the infected systems. Originally published on SecurityWeek.


300 Malicious ‘Vapor’ Apps Hosted on Google Play Had 60 Million Downloads

2025-03-20 at 12:30, by Ionut Arghire. Over 300 malicious applications displaying intrusive full-screen interstitial video ads amassed more than 60 million downloads on Google Play. Originally published on SecurityWeek.


Chinese Hacking Group MirrorFace Targeting Europe

2025-03-19 at 15:05, by Ionut Arghire. Chinese hacking group MirrorFace has targeted a Central European diplomatic institute with the Anel backdoor and AsyncRAT. Originally published on SecurityWeek.


Microsoft Warns of New StilachiRAT Malware

2025-03-19 at 12:00, by Eduard Kovacs. Microsoft has shared details on StilachiRAT, an evasive and persistent piece of malware that facilitates sensitive data theft. Originally published on SecurityWeek.


11 State-Sponsored APTs Exploiting LNK Files for Espionage, Data Theft

2025-03-18 at 16:02, by Eduard Kovacs. ZDI has uncovered 1,000 malicious .lnk files used by state-sponsored and cybercrime threat actors to execute malicious commands. Originally published on SecurityWeek.


Exploit Code for Apache Tomcat RCE Vulnerability Published on Chinese Forum

2025-03-17 at 20:29, by Ryan Naraine. Exploits swirling for remote code execution vulnerability (CVE-2025-24813) in open-source Apache Tomcat web server. Originally published on SecurityWeek.


100 Car Dealerships Hit by Supply Chain Attack

2025-03-17 at 14:17, by Ionut Arghire. The websites of over 100 auto dealerships were found serving malicious ClickFix code in a supply chain compromise. Originally published on SecurityWeek.


In Other News: Swiss Breach Disclosure Rules, ESP32 Chip Backdoor Disputed, MassJacker

2025-03-14 at 14:48, by SecurityWeek News. Noteworthy stories that might have slipped under the radar: Switzerland requires disclosure of critical infrastructure attacks, ESP32 chips don’t contain a backdoor, MassJacker cryptojacking malware. Originally published on SecurityWeek.


ClickFix Widely Adopted by Cybercriminals, APT Groups

2025-03-14 at 14:30, by Ionut Arghire. The ClickFix technique has been employed by cybercrime and APT groups for information stealer and other malware deployment. Originally published on SecurityWeek.


Unpatched Edimax Camera Flaw Exploited Since at Least May 2024

2025-03-13 at 21:08, by Eduard Kovacs. A recently disclosed Edimax zero-day vulnerability has been exploited in the wild by Mirai botnets for nearly a year. Originally published on SecurityWeek.


FreeType Zero-Day Being Exploited in the Wild

2025-03-13 at 19:24, by Ryan Naraine. Meta’s Facebook security team warns of live exploitation of a zero-day vulnerability in the open-source FreeType library. Originally published on SecurityWeek.


Grafana Flaws Likely Targeted in Broad SSRF Exploitation Campaign

2025-03-13 at 17:17, by Ionut Arghire. Threat actors are likely targeting Grafana path traversal bugs for reconnaissance in an SSRF exploitation campaign targeting popular platforms. Originally published on SecurityWeek.


DeepSeek’s Malware-Generation Capabilities Put to Test

2025-03-13 at 15:01, by Eduard Kovacs. Researchers have analyzed the ability of the Chinese gen-AI DeepSeek to create malware such as ransomware and keyloggers. Originally published on SecurityWeek.


Patch Tuesday: Microsoft Patches 57 Flaws, Flags Six Active Zero-Days 

2025-03-11 at 21:03, by Ryan Naraine. Redmond ships major security updates with warnings that a half-dozen Windows vulnerabilities have already been exploited in the wild. Originally published on SecurityWeek.


New Ballista IoT Botnet Linked to Italian Threat Actor

2025-03-11 at 19:05, by Eduard Kovacs. Cato Networks has analyzed a new IoT botnet named Ballista, which targets TP-Link Archer routers. Originally published on SecurityWeek.


Mass Exploitation of Critical PHP Vulnerability Begins

2025-03-10 at 14:02, by Ionut Arghire. GreyNoise warns of mass exploitation of a critical vulnerability in PHP leading to remote code execution on vulnerable servers. Originally published on SecurityWeek.


Edimax Camera Zero-Day Disclosed by CISA Exploited by Botnets

2025-03-07 at 10:31, by Eduard Kovacs. Multiple Mirai-based botnets are exploiting CVE-2025-1316, an Edimax IP camera vulnerability that allows remote command execution. Originally published on SecurityWeek.


How Social Engineering Sparked a Billion-Dollar Supply Chain Cryptocurrency Heist

2025-03-07 at 01:09, by Ryan Naraine. The $1.4 billion ByBit cryptocurrency heist combined social engineering, stolen AWS session tokens, MFA bypasses and a rigged JavaScript file. Originally published on SecurityWeek.

