Researchers at ESET observed strengthened cyber-offensive activity from Russian groups, especially against Ukrainian and European entities
Internet monitoring services showed ongoing disruptions to Russia's tax service, as well as services for managing secure digital keys and documents (Saby), among others.
Cybersecurity researchers are calling attention to a new Linux cryptojacking campaign that's targeting publicly accessible Redis servers. The malicious activity has been codenamed RedisRaider by...
2025-05-15 • ESET Research • Matthieu Faou • js.spypress Open article on Malpedia
The logistics firm Peter Green Chilled, a key supplier to major UK supermarkets including Tesco, Sainsbury’s, and Aldi, fell victim to a cyberattack. The company confirmed that its computer...
Weeks after LockBit ransomware breach, leaked data reveals how affiliates generate ransomware, set ransom demands, and often walk away unpaid.
SK Telecom says that a recently disclosed cybersecurity incident in April, first occurred all the way back in 2022, ultimately exposing the USIM data of 27 million subscribers. [...]
Yubico's roaming authenticators can now be provisioned and delivered in 175 countries. Here's what the service offers.
In today’s fast-evolving ransomware landscape, threat actors are accelerating their tactics to gain access and deploy payloads with alarming speed. Increasingly, attackers are leveraging known...
Peter Green Chilled, which ships refrigerated food to supermarkets, is the latest company in the U.K.'s grocery sector to announce disruption from a cyberattack.
Thales found that 73% of organizations are investing in AI-specific security tools, amid surging takeup of GenAI tools in enterprises
A threat actor named 'Hazy Hawk' has been using DNS CNAME hijacking to hijack abandoned cloud endpoints of domains belonging to trusted organizations and incorporate them in large-scale scam...
RVTools installer on its official site was found delivering malware. Research shows it spread Bumblebee loader. Users urged to verify downloads.
Cybersecurity researchers have uncovered malicious packages uploaded to the Python Package Index (PyPI) repository that act as checker tools to validate stolen email addresses against TikTok and...
2025-05-13 • Proofpoint • Greg Lesnewich, Mark Kelly, Saher Naumaan Open article on Malpedia
2025-05-19 • The DFIR Report • 0xtornado, pcsc0ut, Randy Pargman • win.mimic, win.mimikatz Open article on Malpedia
Seven sources tell CyberScoop that a lack of coordination and miscommunication between federal agencies and the telecommunications industry left critical networks exposed to the Chinese hacking...
The official website for the RVTools VMware management tool was taken offline in what appears to be a supply chain attack that distributed a trojanized installer to drop the Bumblebee malware...
The official website for the RVTools VMware management tool was taken offline in what appears to be a supply chain attack that distributed a trojanized installer to drop the Bumblebee malware...
Nitrogen, a ransomware strain, has emerged as a major threat to organizations worldwide, with a particular focus on…
Service desks are on the front lines of defense—and attackers know it. Attackers are using social engineering attacks to trick agents into changing passwords, disabling MFA, and granting access....
Cisco Talos built on Tenable’s discovery of a Google Cloud Platform vulnerability to uncover how attackers could exploit similar techniques across AWS and Azure.
When a formerly incarcerated “troubleshooter for the mafia” looked for a second career he chose the thing he knew best. He became a prison consultant for white-collar criminals.
2025-05-13 • EclecticIQ • Arda Büyükkaya • elf.krustyloader, elf.snowlight, win.vshell Open article on Malpedia
Around half of US and UK consumers have seen fraud ads and content on ‘refund hacks’ on social media
2025-05-08 • Fortinet • Ran Mizrahi • jar.ratty Open article on Malpedia
2025-05-12 • Genians • Genians • win.rokrat Open article on Malpedia
2025-05-19 • cyjax • Joe Wrieden • win.bumblebee Open article on Malpedia
2025-05-09 • Lumen • Black Lotus Labs Open article on Malpedia
Regeneron, which intends to acquire 23andMe for $256m, says data security and privacy will be a priority