Security News, Assessments & Alerts

Security Issues, Vulnerabilities, Exploits & Government Alerts

Russia-Linked Hackers Target Tajikistan Government with Weaponized Word Documents

May 27, 2025Ravie LakshmananMalware / Threat Intelligence The Russia-aligned threat actor known as TAG-110 has been observed conducting a spear-phishing campaign targeting Tajikistan using macro-enabled Word templates as an initial payload. The attack chain is…

Over 70 Malicious npm and VS Code Packages Found Stealing Data and Crypto

As many as 60 malicious npm packages have been discovered in the package registry with malicious functionality to harvest hostnames, IP addresses, DNS servers, and user directories to a Discord-controlled endpoint. The packages, published under…

CISO’s Guide To Web Privacy Validation And Why It’s Important

May 26, 2025The Hacker NewsData Privacy / Web Security Are your web privacy controls protecting your users, or just a box-ticking exercise? This CISO’s guide provides a practical roadmap for continuous web privacy validation that’s…

APT Campaigns, Browser Hijacks, AI Malware, Cloud Breaches and Critical CVEs

May 26, 2025Ravie LakshmananCybersecurity / Hacking News Cyber threats don’t show up one at a time anymore. They’re layered, planned, and often stay hidden until it’s too late. For cybersecurity teams, the key isn’t just…

Hackers Use Fake VPN and Browser NSIS Installers to Deliver Winos 4.0 Malware

May 25, 2025Ravie LakshmananThreat Intelligence / Software Security Cybersecurity researchers have disclosed a malware campaign that uses fake software installers masquerading as popular tools like LetsVPN and QQ Browser to deliver the Winos 4.0 framework.…

Hackers Use TikTok Videos to Distribute Vidar and StealC Malware via ClickFix Technique

The malware known as Latrodectus has become the latest to embrace the widely-used social engineering technique called ClickFix as a distribution vector. “The ClickFix technique is particularly risky because it allows the malware to execute…

ViciousTrap Uses Cisco Flaw to Build Global Honeypot from 5,300 Compromised Devices

May 23, 2025Ravie LakshmananThreat Intelligence / Network Security Cybersecurity researchers have disclosed that a threat actor codenamed ViciousTrap has compromised nearly 5,300 unique network edge devices across 84 countries and turned them into a honeypot-like…

300 Servers and €3.5M Seized as Europol Strikes Ransomware Networks Worldwide

May 23, 2025Ravie LakshmananRansomware / Dark Web As part of the latest “season” of Operation Endgame, a coalition of law enforcement agencies have taken down about 300 servers worldwide, neutralized 650 domains, and issued arrest…

Open Source Web Application Firewall with Zero-Day Detection and Bot Protection

From zero-day exploits to large-scale bot attacks — the demand for a powerful, self-hosted, and user-friendly web application security solution has never been greater. SafeLine is currently the most starred open-source Web Application Firewall (WAF)…

U.S. Dismantles DanaBot Malware Network, Charges 16 in M Global Cybercrime Operation

U.S. Dismantles DanaBot Malware Network, Charges 16 in $50M Global Cybercrime Operation

The U.S. Department of Justice (DoJ) on Thursday announced the disruption of the online infrastructure associated with DanaBot (aka DanaTools) and unsealed charges against 16 individuals for their alleged involvement in the development and deployment…

« Previous
1
…
205
206
207
208
209
…
503
Next »