Botnets are becoming more sophisticated and accessible. DDoS attacks, cryptocurrency mining and data theft are just a few examples of botnet capabilities.
Part 1 of 2: The data in motion edition
Valve removed a video game called Sniper: Phantom's Resolution from Steam after users reported that its free demo contained malware.
Researchers have determined that Coinbase was the primary target in a recent GitHub Actions cascading supply chain attack that compromised secrets in hundreds of repositories. [...]
Threat hunters have uncovered a new threat actor named UAT-5918 that has been attacking critical infrastructure entities in Taiwan since at least 2023. "UAT-5918, a threat actor believed to be...
Authorities in at least two U.S. states last week independently announced arrests of Chinese nationals accused of perpetrating a novel form of tap-to-pay fraud using mobile devices. Details...
The FCC commissioner said letters of inquiry and at least one subpoena have been sent to Chinese-owned companies. The post FCC’s Carr alleges Chinese companies are making ‘end run’ around Chinese...
The threat actors behind the Medusa ransomware-as-a-service (RaaS) operation have been observed using a malicious driver dubbed ABYSSWORKER as part of a bring your own vulnerable driver (BYOVD)...
After Windows defenses improved, the attackers switched to targeting Mac and Safari users with these very effective scams.
After Windows defenses improved, the attackers switched to targeting Mac and Safari users with these very effective scams.
The latest version patches a critical security flaw that could allow a web page to run malicious code in the browser.
Credential theft alert! Venak Security discovers a BYOVD attack using .SYS drivers to bypass Windows security. Learn how…
Oracle denies it was breached after a threat actor claimed to be selling 6 million data records allegedly stolen from the company's Oracle Cloud federated SSO login servers [...]
After conducting over 10,000 automated internal network penetration tests last year, vPenTest has uncovered a troubling reality that many businesses still have critical security gaps that...
The China-linked advanced persistent threat (APT) group. known as Aquatic Panda has been linked to a "global espionage campaign" that took place in 2022 targeting seven organizations. These...
Tornado Cash, which the U.S. sanctioned in 2022, was dropped from that list by the Trump administration following a court decision favoring the cryptocurrency mixer in November.
Two known threat activity clusters codenamed Head Mare and Twelve have likely joined forces to target Russian entities, new findings from Kaspersky reveal. "Head Mare relied heavily on tools...
2025-03-12 • Red Canary • Red Canary • win.hijackloader, win.lumma, win.netsupportmanager_rat Open article on Malpedia
2025-03-20 • ESET Research • Matthieu Faou • win.shadowpad, win.sodamaster, win.spyder Open article on Malpedia
The fake listings were part of a scam that used the old bait-and-switch tactic to prey on people - and there may be more lurking out there.
Cybersecurity services firm Bridewell revealed that the top challenges facing critical national infrastructure (CNI) organizations are consistent with... The post Bridewell reports rising cyber...
2025-03-16 • cyb3rjerry • py.redtiger Open article on Malpedia
Trend Micro observed a continuous development of Albabat ransomware, designed to expand attacks and streamline operations
A newly revealed RCE vulnerability in Apache Tomcat is under active exploitation, just 30 hours after its public disclosure and the release of a PoC. The successful exploitation of CVE-2025-24813...
A new phishing campaign is targeting SEO professionals with malicious Semrush Google Ads that aim to steal their Google account credentials. [...]
Microsoft is investigating an Exchange Online bug causing anti-spam systems to mistakenly quarantine some users' emails. [...]
Two sources in the zero-day industry say Operation Zero's prices for exploits against the popular messaging app Telegram will depend on different factors.
2025-03-13 • Securonix • Den Iyzvyk, Tim Peck • win.quasar_rat, win.r77 Open article on Malpedia
Three new bugs added to CISA's KEV catalog, RaaS affiliates use new custom backdoor, and compromised GitHub Action exposes CI/CD secrets.
2025-03-13 • EclecticIQ • Arda Büyükkaya • win.blackbasta Open article on Malpedia