Security News

Hackers Abuse Russian Bulletproof Host Proton66 for Global Attacks and Malware Delivery
2025-04-21 07:01

Cybersecurity researchers have disclosed a surge in "mass scanning, credential brute-forcing, and exploitation attempts" originating from IP addresses associated with a Russian bulletproof hosting...

State-sponsored hackers embrace ClickFix social engineering tactic
2025-04-20 14:14

ClickFix attacks are being increasingly adopted by threat actors of all levels, with researchers now seeing multiple advanced persistent threat (APT) groups from North Korea, Iran, and Russia...

Chinese hackers target Russian govt with upgraded RAT malware
2025-04-18 13:43

Chinese-speaking IronHusky hackers are targeting Russian and Mongolian government organizations using upgraded MysterySnail remote access trojan (RAT) malware. [...]

Cisco Webex bug lets hackers gain code execution via meeting links
2025-04-18 12:09

Cisco has released security updates for a high-severity Webex vulnerability that allows unauthenticated attackers to gain client-side remote code execution using malicious meeting invite links. [...]

State-Sponsored Hackers Weaponize ClickFix Tactic in Targeted Malware Campaigns
2025-04-17 11:32

Multiple state-sponsored hacking groups from Iran, North Korea, and Russia have been found leveraging the increasingly popular ClickFix social engineering tactic to deploy malware over a...

Chinese Hackers Target Linux Systems Using SNOWLIGHT Malware and VShell Tool
2025-04-15 14:06

The China-linked threat actor known as UNC5174 has been attributed to a new campaign that leverages a variant of a known malware dubbed SNOWLIGHT and a new open-source tool called VShell to infect...

Cybersecurity firm buying hacker forum accounts to spy on cybercriminals
2025-04-14 19:36

Swiss cybersecurity firm Prodaft has launched a new initiative called 'Sell your Source' where the company purchases verified and aged accounts on hacking forums to to spy on cybercriminals. [...]

Pakistan-Linked Hackers Expand Targets in India with CurlBack RAT and Spark RAT
2025-04-14 06:55

A threat actor with ties to Pakistan has been observed targeting various sectors in India with various remote access trojans like Xeno RAT, Spark RAT, and a previously undocumented malware family...

Hackers exploit old FortiGate vulnerabilities, use symlink trick to retain limited access to patched devices
2025-04-11 17:46

A threat actor that has been using known old FortiOS vulnerabilities to breach FortiGate devices for years has also been leveraging a clever trick to maintain undetected read-only access to them...

Fortinet: Hackers retain access to patched FortiGate VPNs using symlinks
2025-04-11 16:08

Fortinet warns that threat actors use a post-exploitation technique that helps them maintain read-only access to previously compromised FortiGate VPN devices even after the original attack vector...