2025-05-30 • Intrinsec • David Sardinha Open article on Malpedia
A report on the dark web marketplace Russian Market showed Acreed has emerged as the leading infostealer
Cybersecurity researchers have warned of a new spear-phishing campaign that uses a legitimate remote access tool called Netbird to target Chief Financial Officers (CFOs) and financial executives...
2025-05-22 • Elastic • Daniel Stepanic • win.rhadamanthys Open article on Malpedia
The "Russian Market" cybercrime marketplace has emerged as one of the most popular platforms for buying and selling credentials stolen by information stealer malware. [...]
Checkmarx uncovers cross-ecosystem attack: fake Python and NPM packages plant backdoor on Windows and Linux, enabling data theft plus remote control.
New research from Forescout Technologies disclosed that in 2024, there was a 71 percent increase in threat actors... The post Hacktivists, state-sponsored groups step up cyberattacks targeting...
Dutch, US and Finnish investigators have taken cybercrime service AVCheck offline
Each Monday, the Tenable Exposure Management Academy provides the practical, real-world guidance you need to shift from vulnerability management to exposure management. In this post, Tenable’s...
Do you have online accounts you haven't used in years? If so, a bit of digital spring cleaning might be in order.
Microsoft has released an out-of-band update to address a known issue causing some Windows 11 systems to enter recovery and fail to start while trying to install the KB5058405 May 2025 security...
2025-05-31 • The Insider • Christo Grozev, Michael Weiss, Roman Dobrokhotov Open article on Malpedia
Qualcomm has released security patches for three zero-day vulnerabilities in the Adreno Graphics Processing Unit (GPU) driver that impact dozens of chipsets and are actively exploited in targeted...
This is a weekly threat intelligence report review from RST Cloud. This week, we analysed 51 threat intelligence reports and have summarized the findings along with the relevant metadata that was...
The issue explores trust as a vital facet in today’s business environment.
The MELSERVO-J5 Servo Series now supports EtherNet/IP and EtherCAT, enabling seamless network switching without extra hardware.
JINX-0132 targets exposed Nomad servers lacking ACL protections by submitting malicious jobs through the API, effectively gaining remote code execution. These jobs download and run the XMRig miner...
As more businesses face pressure to do more with fewer resources, automation platforms like Flowable are becoming central…
AhnLab SEcurity intelligence Center (ASEC) has confirmed that the ViperSoftX attacker is continuously distributing malware to users in Korea. ViperSoftX is a type of malware that resides in...
Greater recognition of the fragility and interdependence of critical manufacturing systems is reflected in the move toward sustainable... The post Sustainable cyber risk management emerges as...
Two information disclosure flaws have been identified in apport and systemd-coredump, the core dump handlers in Ubuntu, Red Hat Enterprise Linux, and Fedora, according to the Qualys Threat...
Quorum Cyber identifies two new NodeSnake RAT variants, strongly attributed to Interlock ransomware, impacting UK higher education and local government.
A multinational law enforcement operation has resulted in the takedown of an online cybercrime syndicate that offered services to threat actors to ensure that their malicious software stayed...
Technical details about a maximum-severity Cisco IOS XE WLC arbitrary file upload flaw tracked as CVE-2025-20188 have been made publicly available, bringing us closer to a working exploit. [...]
The latest episode of the Sustain podcast features Kade Morton from Arachne Digital, and it’s a grounded conversations about cybersecurity and open source.In the episode, Kade talks candidly about...
AVCheck and related crypting services helped cybercriminals make malware difficult to detect and confirm that malware could slip through various antivirus tools undetected, officials said. The...
AVCheck and related crypting services helped cybercriminals make malware difficult to detect and confirm that malware could slip through various antivirus tools undetected, officials said. The...
The wrong way to get out of Trump's America.
A new malware campaign is distributing a novel Rust-based information stealer dubbed EDDIESTEALER using the popular ClickFix social engineering tactic initiated via fake CAPTCHA verification...
The 28-year-old, who’d been employed by the Defense Intelligence Agency since 2019, specialized in insider threats and had top secret security clearance, officials said. The post US intelligence...