2025-06-20 • Validin • Kenneth Kinion Open article on Malpedia
The U.S. Department of Homeland Security (DHS) warned over the weekend of escalating cyberattack risks by Iran-backed hacking groups and pro-Iranian hacktivists. [...]
Russia-linked hackers are back at it again, this time with upgraded tools and a stealthier playbook targeting Ukrainian government systems. Ukraine’s national Computer Emergency Response Team has...
Malware hidden in fake Minecraft Mods on GitHub is stealing passwords and crypto from players. Over 1,500 devices may be affected, researchers warn.
The Canadian Centre for Cyber Security and the FBI confirm that the Chinese state-sponsored 'Salt Typhoon' hacking group is also targeting Canadian telecommunication firms, breaching a telecom...
Four REvil ransomware members arrested in January 2022 were released by Russia on time served after they pleaded guilty to carding and malware distribution charges. [...]
Zyxel users beware: A critical remote code execution flaw (CVE-2023-28771) in Zyxel devices is under active exploitation by a Mirai-like botnet. GreyNoise observed a surge on June 16, targeting...
McLaren Health Care is warning 743,000 patients that the health system suffered a data breach caused by a July 2024 attack by the INC ransomware gang. [...]
Unmanned vehicles are increasingly becoming essential weapons of war. But with a potential conflict with China looming large, Taiwan is scrambling to build a domestic drone industry from scratch.
The U.S. Department of Homeland Security (DHS) on Sunday issued a National Terrorism Advisory System (NTAS) bulletin warning... The post NTAS bulletin highlights rising cyber, terror threats to US...
The UK government’s Cyber Essentials scheme hits 10,000 certifications for the first time in a quarter but challenges persist
New Zealand’s National Cyber Security Centre (NCSC) has introduced ten Minimum Cyber Security Standards to support agencies under... The post NZ NCSC mandates minimum cybersecurity baseline for...
Recorded Future warns that Russian hybrid threats, including sabotage of critical infrastructure, vandalism, weaponized migration, and military intimidation,... The post Russian hybrid threats...
The CHERI Alliance, a global coalition dedicated to enhancing cybersecurity through hardware memory safety technology, announced that BT... The post BT Group joins CHERI Alliance to advance...
Each Monday, the Tenable Exposure Management Academy provides the practical, real-world guidance you need to shift from vulnerability management to exposure management. This week, Tenable experts...
SecurityScorecard has discovered a covert cyber-espionage botnet dubbed “LapDogs” linked to China
Nucor, North America's largest steel producer and recycler, has confirmed that attackers behind a recent cybersecurity incident have also stolen data from the company's network. [...]
SparkKitty, a new Trojan spy for iOS and Android, spreads through untrusted websites, the App Store, and Google Play, stealing images from users' galleries.
The file was left entirely unprotected - no encryption, no password, no safeguards - just a plain text document holding millions of sensitive data entries.
This is a weekly threat intelligence report review from RST Cloud. This week, we analysed 67 threat intelligence articles and compiled a concise summary along with the relevant metadata that was...
Dive into the concept of the "retaliation window"—how timing influences threat intelligence, risk management, and strategic decision-making in today's cyber and business landscape.
The US concentrated its attack on Fordow, an enrichment plant built hundreds of feet underground. Aerial photos give important clues about what damage the “bunker-buster” bombs may have caused.
Infostealers, traffers operations & the BASE34 group
Scammers used Inferno Drainer to steal $43,000 in crypto from 110 CoinMarketCap users through a fake wallet prompt embedded in the site’s front-end.
CoinMarketCap, the popular cryptocurrency price tracking site, suffered a website supply chain attack that exposed site visitors to a wallet drainer campaign to steal visitors' crypto. [...]
ASEC Blog publishes ” Mobile Security & Malware Issue 3st Week of June, 2025″
Lately, attacks on South Korean web servers utilizing MeshAgent and SuperShell have been identified. The presence of ELF-based malware at the malicious code distribution address suggests that the...
Oxford City Council warns it suffered a data breach where attackers accessed personally identifiable information from legacy systems. [...]
Microsoft announced that the Windows screenshot and screencast Snipping Tool utility is getting support for exporting animated GIF recordings. [...]
Wondering if your information is posted online from a data breach? Here's how to check if your accounts are at risk and what to do next.