Malware & Threats

ClickFix Attack Exploits Fake Cloudflare Turnstile to Deliver Malware

ClickFix, Cloudflare, Malware & Threats /

ClickFix Attack Exploits Fake Cloudflare Turnstile to Deliver Malware 2025-06-05 at 14:47 By Kevin Townsend Researchers have discovered and analyzed a ClickFix attack that uses a fake Cloudflare ‘humanness’ check. The post ClickFix Attack Exploits Fake Cloudflare Turnstile to Deliver Malware appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source […]

React to this headline:

Loading spinner

ClickFix Attack Exploits Fake Cloudflare Turnstile to Deliver Malware Read More »

Ramnit Malware Infections Spike in OT as Evidence Suggests ICS Shift

Featured, Honeywell, ICS, ICS/OT, Malware, Malware & Threats, OT, Ramnit, report /

Ramnit Malware Infections Spike in OT as Evidence Suggests ICS Shift 2025-06-04 at 14:17 By Eduard Kovacs Industrial giant Honeywell has published its 2025 Cybersecurity Threat Report with information on the latest trends. The post Ramnit Malware Infections Spike in OT as Evidence Suggests ICS Shift appeared first on SecurityWeek. This article is an excerpt

React to this headline:

Loading spinner

Ramnit Malware Infections Spike in OT as Evidence Suggests ICS Shift Read More »

Microsoft, CrowdStrike Lead Effort to Map Threat Actor Names

APT, CrowdStrike, Featured, Malware & Threats, Management & Strategy, Microsoft, naming /

Microsoft, CrowdStrike Lead Effort to Map Threat Actor Names 2025-06-03 at 11:33 By Eduard Kovacs Microsoft and CrowdStrike are running a project that aims to align threat actor names, and Google and Palo Alto Networks will also contribute. The post Microsoft, CrowdStrike Lead Effort to Map Threat Actor Names appeared first on SecurityWeek. This article

React to this headline:

Loading spinner

Microsoft, CrowdStrike Lead Effort to Map Threat Actor Names Read More »

Cryptojackers Caught Mining Monero via Exposed DevOps Infrastructure

Cryptocurrency, cybercrime, HashiCorp Nomad, Malware & Threats, Monero, Wiz, XMLRig /

Cryptojackers Caught Mining Monero via Exposed DevOps Infrastructure 2025-06-02 at 19:02 By Ryan Naraine Cryptocurrency mining operation hits exposed Consul dashboards, Docker Engine APIs and Gitea code-hosting instances to push Monero miner. The post Cryptojackers Caught Mining Monero via Exposed DevOps Infrastructure appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original

React to this headline:

Loading spinner

Cryptojackers Caught Mining Monero via Exposed DevOps Infrastructure Read More »

Qualcomm Flags Exploitation of Adreno GPU Flaws, Urges OEMs to Patch Urgently

CVE-2025-21479, CVE-2025-21480, CVE-2025-27038, Google TAG, Malware & Threats, Qualcomm, Vulnerabilities /

Qualcomm Flags Exploitation of Adreno GPU Flaws, Urges OEMs to Patch Urgently 2025-06-02 at 18:02 By Ryan Naraine Chipmaker says there are indications from Google Threat Analysis Group that a trio of flaws “may be under limited, targeted exploitation.” The post Qualcomm Flags Exploitation of Adreno GPU Flaws, Urges OEMs to Patch Urgently appeared first

React to this headline:

Loading spinner

Qualcomm Flags Exploitation of Adreno GPU Flaws, Urges OEMs to Patch Urgently Read More »

In Other News: PoC for Fortinet Bug, AI Model Subverts Shutdown, RAT Source Code Leaked

In Other News, Malware & Threats /

In Other News: PoC for Fortinet Bug, AI Model Subverts Shutdown, RAT Source Code Leaked 2025-06-02 at 11:17 By SecurityWeek News Noteworthy stories that might have slipped under the radar: simple PoC code released for Fortinet zero-day, OpenAI O3 disobeys shutdown orders, source code of SilverRAT emerges online. The post In Other News: PoC for

React to this headline:

Loading spinner

In Other News: PoC for Fortinet Bug, AI Model Subverts Shutdown, RAT Source Code Leaked Read More »

Firebase, Google Apps Script Abused in Fresh Phishing Campaigns

Cofense, ESET, Firebase, Fraud & Identity Theft, Google, Malware & Threats, Trellix /

Firebase, Google Apps Script Abused in Fresh Phishing Campaigns 2025-05-30 at 18:01 By Ionut Arghire Security researchers flag two phishing campaigns abusing Firebase and Google Apps Script to host malware and fake login pages. The post Firebase, Google Apps Script Abused in Fresh Phishing Campaigns appeared first on SecurityWeek. This article is an excerpt from

React to this headline:

Loading spinner

Firebase, Google Apps Script Abused in Fresh Phishing Campaigns Read More »

GreyNoise Flags 9,000 ASUS Routers Backdoored Via Patched Vulnerability

Asus, botnet, Censys, CVE-2023-39780, GreyNoise, IoT Security, Malware & Threats, ORB, Vulnerabilities /

GreyNoise Flags 9,000 ASUS Routers Backdoored Via Patched Vulnerability 2025-05-29 at 17:37 By Ryan Naraine Professional hackers have built a network of ASUS routers that can survive firmware upgrades, factory reboots and most anti-malware scans. The post GreyNoise Flags 9,000 ASUS Routers Backdoored Via Patched Vulnerability appeared first on SecurityWeek. This article is an excerpt

React to this headline:

Loading spinner

GreyNoise Flags 9,000 ASUS Routers Backdoored Via Patched Vulnerability Read More »

Vietnamese Hackers Distribute Malware via Fake AI-Themed Websites

Artificial Intelligence, Malware & Threats, Mandiant, UNC6032, Vietnam /

Vietnamese Hackers Distribute Malware via Fake AI-Themed Websites 2025-05-28 at 16:29 By Ionut Arghire Mandiant warns that a Vietnamese hacking group tracked as UNC6032 is distributing malware via fake AI video generator websites. The post Vietnamese Hackers Distribute Malware via Fake AI-Themed Websites appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View

React to this headline:

Loading spinner

Vietnamese Hackers Distribute Malware via Fake AI-Themed Websites Read More »

Ongoing Campaign Uses 60 NPM Packages to Steal Data

Info stealer, Malware & Threats, NPM, open source, Socket, Supply Chain Security /

Ongoing Campaign Uses 60 NPM Packages to Steal Data 2025-05-27 at 17:17 By Ionut Arghire Security firm Socket warns flags a campaign targeting NPM users with tens of malicious packages that can hijack system information. The post Ongoing Campaign Uses 60 NPM Packages to Steal Data appeared first on SecurityWeek. This article is an excerpt

React to this headline:

Loading spinner

Ongoing Campaign Uses 60 NPM Packages to Steal Data Read More »

Companies Warned of Commvault Vulnerability Exploitation

alert, CISA, Commvault, exploited, Malware & Threats, vulnerability /

Companies Warned of Commvault Vulnerability Exploitation 2025-05-23 at 13:48 By Ionut Arghire CISA warns companies of a widespread campaign targeting a Commvault vulnerability to hack Azure environments. The post Companies Warned of Commvault Vulnerability Exploitation appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React to this headline:

React to this headline:

Loading spinner

Companies Warned of Commvault Vulnerability Exploitation Read More »

Cityworks Zero-Day Exploited by Chinese Hackers in US Local Government Attacks

China, CityWorks, exploited, Malware & Threats, Trimble, Zero-Day /

Cityworks Zero-Day Exploited by Chinese Hackers in US Local Government Attacks 2025-05-23 at 12:31 By Ionut Arghire A Chinese threat actor exploited a zero-day vulnerability in Trimble Cityworks to hack local government entities in the US. The post Cityworks Zero-Day Exploited by Chinese Hackers in US Local Government Attacks appeared first on SecurityWeek. This article

React to this headline:

Loading spinner

Cityworks Zero-Day Exploited by Chinese Hackers in US Local Government Attacks Read More »

DanaBot Botnet Disrupted, 16 Suspects Charged

botnet, DanaBot, Featured, law enforcement, Malware, Malware & Threats, takedown /

DanaBot Botnet Disrupted, 16 Suspects Charged 2025-05-23 at 12:03 By Eduard Kovacs The DanaBot botnet ensnared over 300,000 devices and caused more than $50 million in damages before being disrupted. The post DanaBot Botnet Disrupted, 16 Suspects Charged appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React to this

React to this headline:

Loading spinner

DanaBot Botnet Disrupted, 16 Suspects Charged Read More »

Chinese Spies Exploit Ivanti Vulnerabilities Against Critical Sectors

China, critical infrastructure, cyberespionage, espionage, exploited, Ivanti, Malware & Threats /

Chinese Spies Exploit Ivanti Vulnerabilities Against Critical Sectors 2025-05-23 at 11:31 By Ionut Arghire A Chinese espionage group has been chaining two recent Ivanti EPMM vulnerabilities in attacks against organizations in multiple critical sectors. The post Chinese Spies Exploit Ivanti Vulnerabilities Against Critical Sectors appeared first on SecurityWeek. This article is an excerpt from SecurityWeek

React to this headline:

Loading spinner

Chinese Spies Exploit Ivanti Vulnerabilities Against Critical Sectors Read More »

CISA Says Russian Hackers Targeting Western Supply-Lines to Ukraine

APT28, CISA, Malware & Threats, Nation-State, Russia, Ukraine, Unit 26165, Vulnerabilities /

CISA Says Russian Hackers Targeting Western Supply-Lines to Ukraine 2025-05-21 at 23:47 By Ryan Naraine Russian military intelligence hackers intensify targeting of Western logistics and technology companies moving supplies into Ukraine.  The post CISA Says Russian Hackers Targeting Western Supply-Lines to Ukraine appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original

React to this headline:

Loading spinner

CISA Says Russian Hackers Targeting Western Supply-Lines to Ukraine Read More »

Microsoft Sinkholes Domains, Disrupts Notorious ‘Lumma Stealer’ Malware Operation

infostealer, Justice Department, Lumma Stealer, Malware & Threats, Microsoft, Ransomware, Tracking & Law Enforcement /

Microsoft Sinkholes Domains, Disrupts Notorious ‘Lumma Stealer’ Malware Operation 2025-05-21 at 21:48 By Ryan Naraine Redmond’s threat hunters found 394,000 Windows systems talking to Lumma controllers, a victim pool included global manufacturers.  The post Microsoft Sinkholes Domains, Disrupts Notorious ‘Lumma Stealer’ Malware Operation appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View

React to this headline:

Loading spinner

Microsoft Sinkholes Domains, Disrupts Notorious ‘Lumma Stealer’ Malware Operation Read More »

Printer Company Procolored Served Infected Software for Months

Malware, Malware & Threats, printer, Procolored /

Printer Company Procolored Served Infected Software for Months 2025-05-19 at 19:46 By Ionut Arghire Procolored’s public website served dozens of software downloads containing information stealer malware and a backdoor. The post Printer Company Procolored Served Infected Software for Months appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React to

React to this headline:

Loading spinner

Printer Company Procolored Served Infected Software for Months Read More »

Ransomware Groups, Chinese APTs Exploit Recent SAP NetWeaver Flaws

China APT, exploited, Malware & Threats, Ransomware, SAP /

Ransomware Groups, Chinese APTs Exploit Recent SAP NetWeaver Flaws 2025-05-15 at 13:48 By Ionut Arghire Two ransomware groups and several Chinese APTs have been exploiting two recent SAP NetWeaver vulnerabilities. The post Ransomware Groups, Chinese APTs Exploit Recent SAP NetWeaver Flaws appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

React to this headline:

Loading spinner

Ransomware Groups, Chinese APTs Exploit Recent SAP NetWeaver Flaws Read More »

Google Ships Android ‘Advanced Protection’ Mode to Thwart Surveillance Spyware

Advanced Protection, Android, Google, Lockdown, Malware & Threats, Mobile & Wireless, Zero-Day /

Google Ships Android ‘Advanced Protection’ Mode to Thwart Surveillance Spyware 2025-05-14 at 21:18 By Ryan Naraine Google bundles multiple safeguards under a single Android toggle to protect high-risk users from advanced mobile malware implants. The post Google Ships Android ‘Advanced Protection’ Mode to Thwart Surveillance Spyware appeared first on SecurityWeek. This article is an excerpt

React to this headline:

Loading spinner

Google Ships Android ‘Advanced Protection’ Mode to Thwart Surveillance Spyware Read More »

Zero-Day Attacks Highlight Another Busy Microsoft Patch Tuesday

CVE-2025-30397, CVE-2025-32706, CVE-2025-32709, Malware & Threats, Microsoft, Patch Tuesday, Vulnerabilities, Windows CLFS, Zero-Day /

Zero-Day Attacks Highlight Another Busy Microsoft Patch Tuesday 2025-05-13 at 21:16 By Ryan Naraine Patch Tuesday: Microsoft patches at least 70 security bugs and flagged five zero-days in the “exploitation detected” category. The post Zero-Day Attacks Highlight Another Busy Microsoft Patch Tuesday appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original

React to this headline:

Loading spinner

Zero-Day Attacks Highlight Another Busy Microsoft Patch Tuesday Read More »

Scroll to Top