Skip to content
[email protected] (The Hacker News) Page 18

[email protected] (The Hacker News)

U.S. Prosecutors Indict Cybersecurity Insiders Accused of BlackCat Ransomware Attacks

U.S. Prosecutors Indict Cybersecurity Insiders Accused of BlackCat Ransomware Attacks

Nov 04, 2025Ravie LakshmananRansomware / Cybercrime Federal prosecutors in the U.S. have accused a trio of allegedly hacking the networks of five U.S. companies with BlackCat (aka ALPHV) ransomware between May and November 2023 and… 

Read More »U.S. Prosecutors Indict Cybersecurity Insiders Accused of BlackCat Ransomware Attacks
Microsoft Detects “SesameOp” Backdoor Using OpenAI’s API as a Stealth Command Channel

Microsoft Detects “SesameOp” Backdoor Using OpenAI’s API as a Stealth Command Channel

Nov 04, 2025Ravie LakshmananArtificial Intelligence / Malware Microsoft has disclosed details of a novel backdoor dubbed SesameOp that uses OpenAI Assistants Application Programming Interface (API) for command-and-control (C2) communications. “Instead of relying on more traditional… 

Read More »Microsoft Detects “SesameOp” Backdoor Using OpenAI’s API as a Stealth Command Channel
Malicious VSX Extension “SleepyDuck” Uses Ethereum to Keep Its Command Server Alive

Malicious VSX Extension “SleepyDuck” Uses Ethereum to Keep Its Command Server Alive

Nov 03, 2025Ravie LakshmananCryptocurrency / Threat Intelligence Cybersecurity researchers have flagged a new malicious extension in the Open VSX registry that harbors a remote access trojan called SleepyDuck. According to Secure Annex’s John Tuckner, the… 

Read More »Malicious VSX Extension “SleepyDuck” Uses Ethereum to Keep Its Command Server Alive
Cybercriminals Exploit Remote Monitoring Tools to Infiltrate Logistics and Freight Networks

Cybercriminals Exploit Remote Monitoring Tools to Infiltrate Logistics and Freight Networks

Nov 03, 2025Ravie LakshmananCybercrime / Supply Chain Attack Bad actors are increasingly training their sights on trucking and logistics companies with an aim to infect them with remote monitoring and management (RMM) software for financial… 

Read More »Cybercriminals Exploit Remote Monitoring Tools to Infiltrate Logistics and Freight Networks
Lazarus Hits Web3, Intel/AMD TEEs Cracked, Dark Web Leak Tool & More

Lazarus Hits Web3, Intel/AMD TEEs Cracked, Dark Web Leak Tool & More

Nov 03, 2025Ravie LakshmananCybersecurity / Hacking News Cyberattacks are getting smarter and harder to stop. This week, hackers used sneaky tools, tricked trusted systems, and quickly took advantage of new security problems—some just hours after… 

Read More »Lazarus Hits Web3, Intel/AMD TEEs Cracked, Dark Web Leak Tool & More
How Continuous Exposure Management Transforms Security Operations

How Continuous Exposure Management Transforms Security Operations

Nov 03, 2025The Hacker NewsSOC Operations / Exposure Management Security Operations Centers (SOC) today are overwhelmed. Analysts handle thousands of alerts every day, spending much time chasing false positives and adjusting detection rules reactively. SOCs… 

Read More »How Continuous Exposure Management Transforms Security Operations
Researchers Uncover BankBot-YNRK and DeliveryRAT Android Trojans Stealing Financial Data

Researchers Uncover BankBot-YNRK and DeliveryRAT Android Trojans Stealing Financial Data

Cybersecurity researchers have shed light on two different Android trojans called BankBot-YNRK and DeliveryRAT that are capable of harvesting sensitive data from compromised devices. According to CYFIRMA, which analyzed three different samples of BankBot-YNRK, the… 

Read More »Researchers Uncover BankBot-YNRK and DeliveryRAT Android Trojans Stealing Financial Data
New HttpTroy Backdoor Poses as VPN Invoice in Targeted Cyberattack on South Korea

New HttpTroy Backdoor Poses as VPN Invoice in Targeted Cyberattack on South Korea

Nov 03, 2025Ravie LakshmananCybersecurity / Malware The North Korea-linked threat actor known as Kimsuky has distributed a previously undocumented backdoor codenamed HttpTroy as part of a likely spear-phishing attack targeting a single victim in South… 

Read More »New HttpTroy Backdoor Poses as VPN Invoice in Targeted Cyberattack on South Korea
ASD Warns of Ongoing BADCANDY Attacks Exploiting Cisco IOS XE Vulnerability

ASD Warns of Ongoing BADCANDY Attacks Exploiting Cisco IOS XE Vulnerability

Nov 01, 2025Ravie LakshmananArtificial Intelligence / Vulnerability The Australian Signals Directorate (ASD) has issued a bulletin about ongoing cyber attacks targeting unpatched Cisco IOS XE devices in the country with a previously undocumented implant known… 

Read More »ASD Warns of Ongoing BADCANDY Attacks Exploiting Cisco IOS XE Vulnerability