Security News

Cybercriminals exploit AI hype to spread ransomware, malware
2025-05-29 14:25

Threat actors linked to lesser-known ransomware and malware projects now use AI tools as lures to infect unsuspecting victims with malicious payloads. [...]

DragonForce Exploits SimpleHelp Flaws to Deploy Ransomware Across Customer Endpoints
2025-05-29 10:34

The threat actors behind the DragonForce ransomware gained access to an unnamed Managed Service Provider's (MSP) SimpleHelp remote monitoring and management (RMM) tool, and then leveraged it to...

Chinese APT41 Exploits Google Calendar for Malware Command-and-Control Operations
2025-05-29 05:59

Google on Wednesday disclosed that the Chinese state-sponsored threat actor known as APT41 leveraged a malware called TOUGHPROGRESS that uses Google Calendar for command-and-control (C2). The tech...

Mimo Hackers Exploit CVE-2025-32432 in Craft CMS to Deploy Cryptominer and Proxyware
2025-05-28 11:00

A financially motivated threat actor has been observed exploiting a recently disclosed remote code execution flaw affecting the Craft Content Management System (CMS) to deploy multiple payloads,...

251 Amazon-Hosted IPs Used in Exploit Scan Targeting ColdFusion, Struts, and Elasticsearch
2025-05-28 09:23

Cybersecurity researchers have disclosed details of a coordinated cloud-based scanning activity that targeted 75 distinct "exposure points" earlier this month. The activity, observed by GreyNoise...

Chinese Hackers Exploit Trimble Cityworks Flaw to Infiltrate U.S. Government Networks
2025-05-22 15:06

A Chinese-speaking threat actor tracked as UAT-6382 has been linked to the exploitation of a now-patched remote-code-execution vulnerability in Trimble Cityworks to deliver Cobalt Strike and...

Chinese Hackers Exploit Ivanti EPMM Bugs in Global Enterprise Network Attacks
2025-05-22 12:07

A recently patched pair of security flaws affecting Ivanti Endpoint Manager Mobile (EPMM) software has been exploited by a China-nexus threat actor to target a wide range of sectors across Europe,...

CTM360 report: Ransomware exploits trust more than tech
2025-05-22 05:30

A recent wave of ransomware attacks has disrupted major retailers across the UK. According to a new report from CTM360, the attackers didn’t need to break down the door; they were invited in...

Russian Hackers Exploit Email and VPN Vulnerabilities to Spy on Ukraine Aid Logistics
2025-05-21 18:06

A state-sponsored campaign targeting Western logistics entities and technology companies since 2022 has been attributed to Russian cyber threat actors. The activity has been assessed to be...

Hazy Hawk gang exploits DNS misconfigs to hijack trusted domains
2025-05-20 15:57

A threat actor named 'Hazy Hawk' has been using DNS CNAME hijacking to hijack abandoned cloud endpoints of domains belonging to trusted organizations and incorporate them in large-scale scam...