Latest Cybersecurity News and Articles
02 September 2025
The North Korea-linked threat actor known as the Lazarus Group has been attributed to a social engineering campaign that distributes three different pieces of cross-platform malware called PondRAT, ThemeForestRAT, and RemotePE.
The attack, observed by NCC Group's Fox-IT in 2024, targeted an organization in the decentralized finance (DeFi) sector, ultimately leading to the compromise of an
02 September 2025
Part of a wave of DDoS attacks that lasted for weeks, the assault was a UDP flood mainly originating from Google Cloud.
The post Cloudflare Blocks Record-Breaking 11.5 Tbps DDoS Attack appeared first on SecurityWeek.
02 September 2025
The transaction is valued up to $150 million, including performance-based retention awards, a Varonis spokesperson told SecurityWeek.
The post Varonis Acquires Email Security Firm SlashNext appeared first on SecurityWeek.
02 September 2025
Cybersecurity researchers have disclosed a stealthy new backdoor called MystRodX that comes with a variety of features to capture sensitive data from compromised systems.
"MystRodX is a typical backdoor implemented in C++, supporting features like file management, port forwarding, reverse shell, and socket management," QiAnXin XLab said in a report published last week. "Compared to typical
02 September 2025
The Midnight Blizzard cyberspies used compromised websites to trick users into authorizing devices they controlled.
The post Amazon Disrupts Russian Hacking Campaign Targeting Microsoft Users appeared first on SecurityWeek.
02 September 2025
The vulnerability (CVE-2025-55177) was exploited along an iOS/macOS zero-day in suspected spyware attacks.
The post WhatsApp Zero-Day Exploited in Attacks Targeting Apple Users appeared first on SecurityWeek.
02 September 2025
The Harsh Truths of AI Adoption
MITs State of AI in Business report revealed that while 40% of organizations have purchased enterprise LLM subscriptions, over 90% of employees are actively using AI tools in their daily work. Similarly, research from Harmonic Security found that 45.4% of sensitive AI interactions are coming from personal email accounts, where employees are bypassing corporate
02 September 2025
Cybersecurity researchers have flagged a Ukrainian IP network for engaging in massive brute-force and password spraying campaigns targeting SSL VPN and RDP devices between June and July 2025.
The activity originated from a Ukraine-based autonomous system FDN3 (AS211736), per French cybersecurity company Intrinsec.
"We believe with a high level of confidence that FDN3 is part of a wider abusive
02 September 2025
The threat actor known as Silver Fox has been attributed to abuse of a previously unknown vulnerable driver associated with WatchDog Anti-malware as part of a Bring Your Own Vulnerable Driver (BYOVD) attack aimed at disarming security solutions installed on compromised hosts.
The vulnerable driver in question is "amsdk.sys" (version 1.0.600), a 64-bit, validly signed Windows kernel device driver
02 September 2025
Cybersecurity researchers have discovered a malicious npm package that comes with stealthy features to inject malicious code into desktop apps for cryptocurrency wallets like Atomic and Exodus on Windows systems.
The package, named nodejs-smtp, impersonates the legitimate email library nodemailer with an identical tagline, page styling, and README descriptions, attracting a total of 347
01 September 2025
The recent mass-theft of authentication tokens from Salesloft, whose AI chatbot is used by a broad swath of corporate America to convert customer interaction into Salesforce leads, has left many companies racing to invalidate the stolen credentials before hackers can exploit them. Now Google warns the breach goes far beyond access to Salesforce data, noting the hackers responsible also stole valid authentication tokens for hundreds of online services that customers can integrate with Salesloft, including Slack, Google Workspace, Amazon S3, Microsoft Azure, and OpenAI.
01 September 2025
Cybersecurity researchers are calling attention to a new shift in the Android malware landscape where dropper apps, which are typically used to deliver banking trojans, to also distribute simpler malware such as SMS stealers and basic spyware.
These campaigns are propagated via dropper apps masquerading as government or banking apps in India and other parts of Asia, ThreatFabric said in a report
01 September 2025
Cybersecurity today is less about single attacks and more about chains of small weaknesses that connect into big risks. One overlooked update, one misused account, or one hidden tool in the wrong hands can be enough to open the door.
The news this week shows how attackers are mixing methods—combining stolen access, unpatched software, and clever tricks to move from small entry points to large
01 September 2025
As enterprises continue to shift their operations to the browser, security teams face a growing set of cyber challenges. In fact, over 80% of security incidents now originate from web applications accessed via Chrome, Edge, Firefox, and other browsers. One particularly fast-evolving adversary, Scattered Spider, has made it their mission to wreak havoc on enterprises by specifically targeting
01 September 2025
Cybersecurity researchers have discovered a new phishing campaign undertaken by the North Korea-linked hacking group called ScarCruft (aka APT37) to deliver a malware known as RokRAT.
The activity has been codenamed Operation HanKook Phantom by Seqrite Labs, stating the attacks appear to target individuals associated with the National Intelligence Research Association, including academic figures
01 September 2025
September 1st marks International Women in Cyber Day. While notable strides in progress have been made for women in the industry, there are still roadblocks that impede many career journeys.
30 August 2025
Cybersecurity researchers have called attention to a cyber attack in which unknown threat actors deployed an open-source endpoint monitoring and digital forensic tool called Velociraptor, illustrating ongoing abuse of legitimate software for malicious purposes.
"In this incident, the threat actor used the tool to download and execute Visual Studio Code with the likely intention of creating a
30 August 2025
WhatsApp has addressed a security vulnerability in its messaging apps for Apple iOS and macOS that it said may have been exploited in the wild in conjunction with a recently disclosed Apple flaw in targeted zero-day attacks.
The vulnerability, CVE-2025-55177 (CVSS score: 8.0), relates to a case of insufficient authorization of linked device synchronization messages. Internal researchers on the
29 August 2025
Three new security vulnerabilities have been disclosed in the Sitecore Experience Platform that could be exploited to achieve information disclosure and remote code execution.
The flaws, per watchTowr Labs, are listed below -
CVE-2025-53693 - HTML cache poisoning through unsafe reflections
CVE-2025-53691 - Remote code execution (RCE) through insecure deserialization
CVE-2025-53694 -
29 August 2025
A Meta malvertising campaign has expanded to Android phones.