Malware & Threats

React2Shell Attacks Linked to North Korean Hackers

2025-12-09 at 17:40 By Eduard Kovacs

North Korean threat actors are believed to be behind CVE-2025-55182 exploitation delivering EtherRAT. The post React2Shell Attacks Linked to North Korean Hackers appeared first on SecurityWeek. This article is an excerpt from SecurityWeek.

New ‘Broadside’ Botnet Poses Risk to Shipping Companies

2025-12-09 at 14:08 By Ionut Arghire

The botnet attempts to steal credentials from infected TBK DVR devices, in addition to abusing them to launch DDoS attacks.

US Organizations Warned of Chinese Malware Used for Long-Term Persistence

2025-12-05 at 16:35 By Ionut Arghire

Warp Panda has been using the BrickStorm, Junction, and GuestConduit malware in attacks against US organizations.

Reporters Without Borders Targeted by Russian Hackers

2025-12-04 at 17:06 By Ionut Arghire

The state-sponsored hackers relied on phishing emails to deliver a malicious payload to Reporters Without Borders (RSF).

Chrome, Edge Extensions Caught Tracking Users, Creating Backdoors

2025-12-02 at 16:35 By Ionut Arghire

The extensions were seen profiling users, reading cookie data to create unique identifiers, and executing payloads with browser API access.

New Albiriox Android Malware Developed by Russian Cybercriminals

2025-12-01 at 16:31 By Eduard Kovacs

Albiriox is a banking trojan offered under a malware-as-a-service model for $720 per month.

640 NPM Packages Infected in New ‘Shai-Hulud’ Supply Chain Attack

2025-11-25 at 12:58 By Ionut Arghire

The new self-replicating worm iteration has destructive capabilities, erasing home directory contents if it cannot spread to more repositories.

Chinese Cyberspies Deploy ‘BadAudio’ Malware via Supply Chain Attacks

2025-11-21 at 13:46 By Ionut Arghire

APT24 has been relying on various techniques to drop the BadAudio downloader and then deploy additional payloads.

New Sturnus Banking Trojan Targets WhatsApp, Telegram, Signal Messages

2025-11-20 at 17:56 By Eduard Kovacs

The Android malware is in development and appears to be mainly aimed at users in Europe.

Two-Year-Old Ray AI Framework Flaw Exploited in Ongoing Campaign

2025-11-19 at 15:31 By Ionut Arghire

Threat actors are exploiting a two-year-old vulnerability in the Ray AI framework in a fresh campaign that hit numerous clusters, Oligo reports. Maintained by Anyscale, Ray is an open source framework for scaling Python-based AI and ML applications. Ray clusters

Iranian Hackers Target Defense and Government Officials in Ongoing Campaign

2025-11-17 at 16:30 By Ionut Arghire

The state-sponsored APT has been targeting the victims’ family members to increase pressure on their targets.

CISA Updates Guidance on Patching Cisco Devices Targeted in China-Linked Attacks

2025-11-13 at 17:14 By Ionut Arghire

Federal agencies have reported as ‘patched’ ASA or FTD devices running software versions vulnerable to attacks.

Tens of Thousands of Malicious NPM Packages Distribute Self-Replicating Worm

2025-11-13 at 15:18 By Ionut Arghire

The spam campaign is likely orchestrated by an Indonesian threat actor, based on code comments and the packages’ random names.

Landfall Android Spyware Targeted Samsung Phones via Zero-Day

2025-11-07 at 19:39 By Eduard Kovacs

Threat actors exploited CVE-2025-21042 to deliver malware via specially crafted images to users in the Middle East.

ClickFix Attacks Against macOS Users Evolving

2025-11-07 at 15:41 By Eduard Kovacs

ClickFix prompts typically contain instructions for Windows users, but now they are tailored for macOS and they are getting increasingly convincing.

Malware Now Uses AI During Execution to Mutate and Collect Data, Google Warns

2025-11-05 at 17:25 By Eduard Kovacs

Google has released a report describing the novel ways in which malware has been using AI to adapt and evade detection.

Transportation Companies Hacked to Steal Cargo

2025-11-04 at 17:17 By Ionut Arghire

Threat actors engage in elaborate attack chains to infect trucking and logistics companies with remote access tools.

Open VSX Downplays Impact From GlassWorm Campaign

2025-10-31 at 19:32 By Ionut Arghire

Open VSX fully contained the GlassWorm attacks and says it was not a self-replicating worm in the traditional sense.

In Other News: WhatsApp Passkey-Encrypted Backups, Russia Targets Meduza Malware, New Mastercard Solution

2025-10-31 at 17:18 By SecurityWeek News

Other noteworthy stories that might have slipped under the radar: several interesting Android malware families, UN cybercrime treaty, criminal complaint against Clearview AI in Europe.