Skip to content
Security News, Assessments & Alerts Page 9

Security News, Assessments & Alerts

Security Issues, Vulnerabilities, Exploits & Government Alerts

Malicious Pull Request Targets 6,000+ Developers via Vulnerable Ethcode VS Code Extension

Malicious Pull Request Targets 6,000+ Developers via Vulnerable Ethcode VS Code Extension

Cybersecurity researchers have flagged a supply chain attack targeting a Microsoft Visual Studio Code (VS Code) extension called Ethcode that has been installed a little over 6,000 times. The compromise, per ReversingLabs, occurred via a… 

RondoDox Botnet Exploits Flaws in TBK DVRs and Four-Faith Routers to Launch DDoS Attacks

RondoDox Botnet Exploits Flaws in TBK DVRs and Four-Faith Routers to Launch DDoS Attacks

Cybersecurity researchers are calling attention to a malware campaign that’s targeting security flaws in TBK digital video recorders (DVRs) and Four-Faith routers to rope the devices into a new botnet called RondoDox. The vulnerabilities in… 

Over 17,000 Fake News Websites Caught Fueling Investment Fraud Globally

Over 17,000 Fake News Websites Caught Fueling Investment Fraud Globally

A newly released report by cybersecurity firm CTM360 reveals a large-scale scam operation utilizing fake news websites—known as Baiting News Sites (BNS)—to deceive users into online investment fraud across 50 countries. These BNS pages are… 

Researchers Uncover Batavia Windows Spyware Stealing Documents from Russian Firms

Researchers Uncover Batavia Windows Spyware Stealing Documents from Russian Firms

Jul 08, 2025Ravie LakshmananCyber Espionage / Threat Intelligence Russian organizations have been targeted as part of an ongoing campaign that delivers a previously undocumented Windows spyware called Batavia. The activity, per cybersecurity vendor Kaspersky, has… 

CISA Adds Four Critical Vulnerabilities to KEV Catalog Due to Active Exploitation

CISA Adds Four Critical Vulnerabilities to KEV Catalog Due to Active Exploitation

Jul 08, 2025Ravie LakshmananCyber Attacks / Vulnerability The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added four security flaws to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation in the… 

SEO Poisoning Campaign Targets 8,500+ SMB Users with Malware Disguised as AI Tools

SEO Poisoning Campaign Targets 8,500+ SMB Users with Malware Disguised as AI Tools

Cybersecurity researchers have disclosed a malicious campaign that leverages search engine optimization (SEO) poisoning techniques to deliver a known malware loader called Oyster (aka Broomstick or CleanUpLoader). The malvertising activity, per Arctic Wolf, promotes fake…