Malware & Threats

In Other News: Microsoft Finds AMD CPU Flaws, ZuRu macOS Malware Evolves, DoNot APT Targets Govs

2025-07-11 at 15:32 By SecurityWeek News

Noteworthy stories that might have slipped under the radar: Microsoft shows attack against AMD processors, SentinelOne details latest ZuRu macOS malware version, Indian APT DoNot targets governments.


Legitimate Shellter Pen-Testing Tool Used in Malware Attacks

2025-07-08 at 20:30 By Ionut Arghire

A stolen copy of Shellter Elite shows how easily legitimate security tools can be repurposed by threat actors when vetting and oversight fail. The post appeared first on SecurityWeek.


North Korean Hackers Use Fake Zoom Updates to Install macOS Malware

2025-07-03 at 13:32 By Ionut Arghire

SentinelOne says the fake Zoom update scam delivers ‘NimDoor’, a rare Nim-compiled backdoor. The post appeared first on SecurityWeek.


Chinese Hackers Target Chinese Users With RAT, Rootkit

2025-06-27 at 13:02 By Ionut Arghire

China-linked Silver Fox hacking group is targeting Chinese users with fake installers carrying a RAT and a rootkit. The post appeared first on SecurityWeek.


Hackers Abuse ConnectWise to Hide Malware

2025-06-25 at 15:52 By Ionut Arghire

G Data has observed a surge in malware infections originating from ConnectWise applications with modified certificate tables. The post appeared first on SecurityWeek.


SonicWall Warns of Trojanized NetExtender Stealing User Information

2025-06-25 at 14:33 By Ionut Arghire

SonicWall says a modified version of the legitimate NetExtender application contains information-stealing code. The post appeared first on SecurityWeek.


Russian APT Hits Ukrainian Government With New Malware via Signal

2025-06-25 at 10:17 By Ionut Arghire

Russia-linked APT28 deployed new malware against Ukrainian government targets through malicious documents sent via Signal chats. The post appeared first on SecurityWeek.


Photo-Stealing Spyware Sneaks Into Apple App Store, Google Play

2025-06-24 at 12:45 By Ionut Arghire

Newly discovered spyware has sneaked into Apple’s App Store and Google Play to steal images from users’ mobile devices. The post appeared first on SecurityWeek.


North Korean Hackers Take Over Victims’ Systems Using Zoom Meeting

2025-06-23 at 19:45 By Ionut Arghire

North Korean hackers employ social engineering to trick Zoom Meeting participants into executing system-takeover commands. The post appeared first on SecurityWeek.


Godfather Android Trojan Creates Sandbox on Infected Devices

2025-06-20 at 14:50 By Ionut Arghire

The Godfather Android trojan uses on-device virtualization to hijack legitimate applications and steal users’ funds. The post appeared first on SecurityWeek.


Cloudflare Tunnels Abused in New Malware Campaign

2025-06-20 at 11:48 By Ionut Arghire

A threat actor is abusing Cloudflare Tunnels for the delivery of a Python loader as part of a complex infection chain. The post appeared first on SecurityWeek.


New Campaigns Distribute Malware via Open Source Hacking Tools

2025-06-19 at 15:40 By Ionut Arghire

Trend Micro and ReversingLabs uncovered over 100 GitHub accounts distributing malware embedded in open source hacking tools. The post appeared first on SecurityWeek.


New ClickFix Malware Variant ‘LightPerlGirl’ Targets Users in Stealthy Hack

2025-06-17 at 23:52 By Kevin Townsend

Researchers identify a previously unknown ClickFix variant exploiting PowerShell and clipboard hijacking to deliver the Lumma infostealer via a compromised travel site. The post appeared first on SecurityWeek.


Recent Langflow Vulnerability Exploited by Flodrix Botnet

2025-06-17 at 11:46 By Eduard Kovacs

A critical Langflow vulnerability tracked as CVE-2025-3248 has been exploited to ensnare devices in the Flodrix botnet. The post appeared first on SecurityWeek.


TeamFiltration Abused in Entra ID Account Takeover Campaign

2025-06-13 at 15:22 By Ionut Arghire

Threat actors have abused the TeamFiltration pentesting framework to target over 80,000 Entra ID user accounts. The post appeared first on SecurityWeek.


SimpleHelp Vulnerability Exploited Against Utility Billing Software Users

2025-06-13 at 13:56 By Ionut Arghire

CISA warns that vulnerable SimpleHelp RMM instances have been exploited against a utility billing software provider’s customers. The post appeared first on SecurityWeek.


Paragon ‘Graphite’ Spyware Linked to Zero-Click Hacks on Newest iPhones

2025-06-12 at 18:31 By Ryan Naraine

Citizen Lab publishes forensic proof that spyware maker Paragon can compromise up-to-date iPhones. Journalists in Europe among victims. The post appeared first on SecurityWeek.


Recently Disrupted DanaBot Leaked Valuable Data for 3 Years

2025-06-11 at 15:03 By Eduard Kovacs

Investigators leveraged a vulnerability dubbed DanaBleed to obtain insights into the internal operations of the DanaBot botnet. The post appeared first on SecurityWeek.


Microsoft Patch Tuesday Covers WebDAV Flaw Marked as ‘Already Exploited’

2025-06-10 at 21:20 By Ryan Naraine

Redmond warns that external control of a file name or path in WebDAV “allows an unauthorized attacker to execute code over a network.” The post appeared first on SecurityWeek.

