Malware & Threats

CISA Says Russian Hackers Targeting Western Supply-Lines to Ukraine

2025-05-21 at 23:47, by Ryan Naraine

Russian military intelligence hackers intensify targeting of Western logistics and technology companies moving supplies into Ukraine. Originally published on SecurityWeek.

Microsoft Sinkholes Domains, Disrupts Notorious ‘Lumma Stealer’ Malware Operation

2025-05-21 at 21:48, by Ryan Naraine

Redmond’s threat hunters found 394,000 Windows systems talking to Lumma controllers, a victim pool that included global manufacturers. Originally published on SecurityWeek.

Printer Company Procolored Served Infected Software for Months

2025-05-19 at 19:46, by Ionut Arghire

Procolored’s public website served dozens of software downloads containing information stealer malware and a backdoor. Originally published on SecurityWeek.

Ransomware Groups, Chinese APTs Exploit Recent SAP NetWeaver Flaws

2025-05-15 at 13:48, by Ionut Arghire

Two ransomware groups and several Chinese APTs have been exploiting two recent SAP NetWeaver vulnerabilities. Originally published on SecurityWeek.

Google Ships Android ‘Advanced Protection’ Mode to Thwart Surveillance Spyware

2025-05-14 at 21:18, by Ryan Naraine

Google bundles multiple safeguards under a single Android toggle to protect high-risk users from advanced mobile malware implants. Originally published on SecurityWeek.

Zero-Day Attacks Highlight Another Busy Microsoft Patch Tuesday

2025-05-13 at 21:16, by Ryan Naraine

Patch Tuesday: Microsoft patches at least 70 security bugs and flags five zero-days in the “exploitation detected” category. Originally published on SecurityWeek.

Popular Scraping Tool’s NPM Package Compromised in Supply Chain Attack

2025-05-09 at 17:32, by Ionut Arghire

Supply chain attack compromises the popular rand-user-agent NPM package to deploy and activate a backdoor. Originally published on SecurityWeek.

Malicious NPM Packages Target Cursor AI’s macOS Users

2025-05-09 at 16:12, by Ionut Arghire

Three NPM packages posing as developer tools for the macOS version of the Cursor AI code editor contain a backdoor. Originally published on SecurityWeek.

Google Finds Data Theft Malware Used by Russian APT in Select Cases

2025-05-08 at 15:04, by Ionut Arghire

Russia-linked APT Star Blizzard is using the ClickFix technique in recent attacks distributing the LostKeys malware. Originally published on SecurityWeek.

Spyware Maker NSO Ordered to Pay $167 Million Over WhatsApp Hack

2025-05-07 at 14:35, by Eduard Kovacs

Meta has won its WhatsApp hacking lawsuit against Israeli spyware company NSO Group in an “important step forward for privacy and security”.

In Other News: NullPoint Source Code Leak, $17,500 for iPhone Flaw, BreachForums Down

2025-05-02 at 15:23, by SecurityWeek News

Noteworthy stories that might have slipped under the radar: NullPoint Stealer source code leaked, researcher earns $17,500 from Apple for vulnerability, BreachForums down after zero-day exploitation by police.

Chinese APT’s Adversary-in-the-Middle Tool Dissected

2025-05-01 at 14:18, by Ionut Arghire

ESET has analyzed Spellbinder, the IPv6 SLAAC spoofing tool Chinese APT TheWizards uses to deploy its WizardNet backdoor. Originally published on SecurityWeek.

Verizon DBIR Flags Major Patch Delays on VPNs, Edge Appliances 

2025-04-24 at 18:12, by Ryan Naraine

The latest Verizon DBIR landed this week with a startling statistic about the security posture of VPNs and network edge devices. Originally published on SecurityWeek.

Many Malware Campaigns Linked to Proton66 Network

2025-04-22 at 14:33, by Ionut Arghire

Security researchers detail various malware campaigns that use bulletproof services linked to the Proton66 ASN. Originally published on SecurityWeek.

North Korean Cryptocurrency Thieves Caught Hijacking Zoom ‘Remote Control’ Feature

2025-04-21 at 19:02, by Ryan Naraine

North Korean cryptocurrency thieves are abusing the Zoom Remote collaboration feature to target cryptocurrency traders with malware. Originally published on SecurityWeek.

MITRE Hackers’ Backdoor Has Targeted Windows for Years

2025-04-17 at 12:02, by Ionut Arghire

Windows versions of the BrickStorm backdoor that the Chinese APT used in the MITRE hack last year have been active for years. Originally published on SecurityWeek.

Apple Quashes Two Zero-Days With iOS, MacOS Patches

2025-04-16 at 23:38, by Ryan Naraine

The vulnerabilities are described as code execution and mitigation bypass issues that affect Apple’s iOS, iPadOS and macOS platforms. Originally published on SecurityWeek.

Enhanced Version of ‘BPFDoor’ Linux Backdoor Seen in the Wild

2025-04-16 at 14:55, by Ionut Arghire

In recent attacks, the state-sponsored backdoor BPFDoor is using a controller to open a reverse shell and move laterally. Originally published on SecurityWeek.

Microsoft Warns of Node.js Abuse for Malware Delivery

2025-04-16 at 14:01, by Eduard Kovacs

In the past months Microsoft has seen multiple campaigns involving Node.js to deliver malware and other malicious payloads. Originally published on SecurityWeek.

Conduent Says Names, Social Security Numbers Stolen in Cyberattack

2025-04-15 at 17:34, by Ionut Arghire

The business services provider confirms personal information such as names and Social Security numbers was stolen in a January cyberattack. Originally published on SecurityWeek.
