2025-07-01 • SpyCloud • SpyCloud Labs Research Team Open article on Malpedia
2025-07-02 • CrowdStrike • Counter Adversary Operations Open article on Malpedia
2025-07-03 • Rapid7 • Rapid7 • win.mimikatz, win.poortry Open article on Malpedia
2025-06-30 • Microsoft • Microsoft Threat Intelligence Open article on Malpedia
In May 2025, Cybereason Global Security Operations Center (GSOC) detected that threat actors have been hosting malicious WordPress websites to deliver malicious versions of the legitimate...
Over the last ten years, more than 600 million websites have been secured with free certificates from Let's Encrypt. Here's how it all began and why.
2025-07-04 • Qianxin • RedDrip7 Open article on Malpedia
SatanLock ransomware gang shuts down after weeks of attacks and plans to leak stolen victim data. Group linked to Babuk-Bjorka and GD Lockersec families.
Democrats have critiqued the bill for not protecting funds for the Cybersecurity and Infrastructure Security Agency. The post GOP domestic policy bill includes hundreds of millions for military...
Qantas has confirmed that it is now being extorted by threat actors following a cyberattack that potentially exposed the data for 6 million customers. [...]
Vulnerability research company WatchTowr published a detection analysis for the Citrix Blled 2 flaw
Ingram Micro is one of the largest distributors of tech and cloud products.
A previously undocumented spyware called 'Batavia' has been targeting large industrial enterprises in Russia in a phishing email campaign that uses contract-related lures. [...]
Stephen Bonner, a top official at Britain's Information Commissioner’s Office (ICO), is set to join TikTok later this year, a move drawing criticism as an example of the "revolving door" between...
Use of Hard-coded Password vulnerability (CVE-2025-3920) has been found in SUR-FBD CMMS software.
Cybersecurity researchers have observed a 156% increase in credential theft incidents between 2024 and Q1 2025
AI coding is a big security problem when most security teams are still relying on tools designed for a world where human-written code remains prevalent. The post The dual reality of AI-augmented...
Shellter Project, the vendor of a commercial AV/EDR evasion loader for penetration testing, confirmed that hackers used its Shellter Elite product in attacks after a customer leaked a copy of the...
A hacking group with ties other than Pakistan has been found targeting Indian government organizations with a modified variant of a remote access trojan (RAT) called DRAT. The activity has been...
Intel 471’s latest intelligence update for July reveals a surge in sophisticated cyber campaigns carried out by advanced... The post Global cyber threat campaigns escalate as APT groups target...
Kaspersky experts have discovered a new spyware called Batavia, which steals data from corporate devices.
The Federal Energy Regulatory Commission (FERC) has published a final action notice that approves proposed Reliability Standard CIP-015-1... The post FERC greenlights proposed NERC Reliability...
Qantas said it is currently validating the contact, and has informed law enforcement
2025-06-23 • DeXpose • M4lcode • win.phemedrone_stealer Open article on Malpedia
2025-07-02 • Netresec • Erik Hjelmvik • win.purelogs Open article on Malpedia
2025-07-01 • Medium walmartglobaltech • Jason Reaves • win.janela_rat Open article on Malpedia
2025-07-02 • K7 Security • Suresh Reddy • osx.amos Open article on Malpedia
Check Point has discovered over 1000 suspicious domains registered in the run-up to Amazon Prime Day
Each Monday, the Tenable Exposure Management Academy provides the practical, real-world guidance you need to shift from vulnerability management to exposure management. In this post, Tenable...
Distributor Ingram Micro says it has found ransomware on its internal systems