Security News

Hackers Exploit WordPress mu-Plugins to Inject Spam and Hijack Site Images
2025-03-31 12:04

Threat actors are using the "mu-plugins" directory in WordPress sites to conceal malicious code with the goal of maintaining persistent remote access and redirecting site visitors to bogus sites....

Chinese FamousSparrow hackers deploy upgraded malware in attacks
2025-03-27 18:38

A China-linked cyberespionage group known as 'FamousSparrow' was observed using a new modular version of its signature backdoor 'SparrowDoor' against a US-based trade organization. [...]

The 4 WordPress flaws hackers targeted the most in Q1 2025
2025-03-27 16:29

A new report sheds light on the most targeted WordPress plugin vulnerabilities hackers used in the first quarter of 2025 to compromise sites. [...]

Hackers Repurpose RansomHub's EDRKillShifter in Medusa, BianLian, and Play Attacks
2025-03-27 14:10

A new analysis has uncovered connections between affiliates of RansomHub and other ransomware groups like Medusa, BianLian, and Play. The connection stems from the use of a custom tool that's...

Top 3 MS Office Exploits Hackers Use in 2025 – Stay Alert!
2025-03-27 10:00

Hackers have long used Word and Excel documents as delivery vehicles for malware, and in 2025, these tricks are far from outdated. From phishing schemes to zero-click exploits, malicious Office...

StreamElements discloses third-party data breach after hacker leaks data
2025-03-26 18:42

Cloud-based streaming company StreamElements confirms it suffered a data breach at a third-party service provider after a threat actor leaked samples of stolen data on a hacking forum. [...]

Update VMware Tools for Windows Now: High-Severity Flaw Lets Hackers Bypass Authentication
2025-03-26 18:26

CVE-2025-22230 is described as an "authentication bypass vulnerability" by Broadcom, allowing hackers to perform high-privilege operations without the necessary credentials.

Hackers Using E-Crime Tool Atlantis AIO for Credential Stuffing on 140+ Platforms
2025-03-26 08:53

Threat actors are leveraging an e-crime tool called Atlantis AIO Multi-Checker to automate credential stuffing attacks, according to findings from Abnormal Security. Atlantis AIO "has emerged as a...

Chinese Hackers Breach Asian Telecom, Remain Undetected for Over 4 Years
2025-03-25 11:54

A major telecommunications company located in Asia was allegedly breached by Chinese state-sponsored hackers who spent over four years inside its systems, according to a new report from incident...

Hackers Use .NET MAUI to Target Indian and Chinese Users with Fake Banking, Social Apps
2025-03-25 09:10

Cybersecurity researchers are calling attention to an Android malware campaign that leverages Microsoft's .NET Multi-platform App UI (.NET MAUI) framework to create bogus banking and social media...