Skip to content
info@thehackernews.com (The Hacker News) Page 53

info@thehackernews.com (The Hacker News)

New SparrowDoor Backdoor Variants Found in Attacks on U.S. and Mexican Organizations

New SparrowDoor Backdoor Variants Found in Attacks on U.S. and Mexican Organizations

Mar 26, 2025Ravie LakshmananMalware / Vulnerability The Chinese threat actor known as FamousSparrow has been linked to a cyber attack targeting a trade group in the United States and a research institute in Mexico to… 

EncryptHub Exploits Windows Zero-Day to Deploy Rhadamanthys and StealC Malware

EncryptHub Exploits Windows Zero-Day to Deploy Rhadamanthys and StealC Malware

Mar 26, 2025Ravie LakshmananWindows Security / Vulnerability The threat actor known as EncryptHub exploited a recently-patched security vulnerability in Microsoft Windows as a zero-day to deliver a wide range of malware families, including backdoors and… 

RedCurl Shifts from Espionage to Ransomware with First-Ever QWCrypt Deployment

RedCurl Shifts from Espionage to Ransomware with First-Ever QWCrypt Deployment

Mar 26, 2025The Hacker NewsRansomware / Endpoint Security The Russian-speaking hacking group called RedCurl has been linked to a ransomware campaign for the first time, marking a departure in the threat actor’s tradecraft. The activity,… 

Malicious npm Package Modifies Local ‘ethers’ Library to Launch Reverse Shell Attacks

Malicious npm Package Modifies Local ‘ethers’ Library to Launch Reverse Shell Attacks

Mar 26, 2025Ravie LakshmananSupply Chain Attack / Malware Cybersecurity researchers have discovered two malicious packages on the npm registry that are designed to infect another locally installed package, underscoring the continued evolution of software supply… 

Hackers Using E-Crime Tool Atlantis AIO for Credential Stuffing on 140+ Platforms

Hackers Using E-Crime Tool Atlantis AIO for Credential Stuffing on 140+ Platforms

Mar 26, 2025Ravie LakshmananPassword Security / Cybercrime Threat actors are leveraging an e-crime tool called Atlantis AIO Multi-Checker to automate credential stuffing attacks, according to findings from Abnormal Security. Atlantis AIO “has emerged as a… 

Google Releases Chrome Patch for Exploit Used in Russian Espionage Attacks

Google Releases Chrome Patch for Exploit Used in Russian Espionage Attacks

Mar 26, 2025Ravie LakshmananBrowser Security / Vulnerability Google has released out-of-band fixes to address a high-severity security flaw in its Chrome browser for Windows that it said has been exploited in the wild as part… 

New Security Flaws Found in VMware Tools and CrushFTP — High Risk, No Workaround

New Security Flaws Found in VMware Tools and CrushFTP — High Risk, No Workaround

Mar 26, 2025Ravie LakshmananVulnerability / Data Security Broadcom has issued security patches to address a high-severity security flaw in VMware Tools for Windows that could lead to an authentication bypass. Tracked as CVE-2025-22230, the vulnerability… 

Researchers Uncover ~200 Unique C2 Domains Linked to Raspberry Robin Access Broker

Researchers Uncover ~200 Unique C2 Domains Linked to Raspberry Robin Access Broker

Mar 25, 2025Ravie LakshmananThreat Intelligence / Malware A new investigation has unearthed nearly 200 unique command-and-control (C2) domains associated with a malware called Raspberry Robin. “Raspberry Robin (also known as Roshtyak or Storm-0856) is a…