Skip to content
cyber attacks

cyber attacks

U.S. Sanctions Firm Behind N. Korean IT Scheme; Arizona Woman Jailed for Running Laptop Farm

U.S. Sanctions Firm Behind N. Korean IT Scheme; Arizona Woman Jailed for Running Laptop Farm

Jul 25, 2025Ravie LakshmananCybercrime / Insider Threat The U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) sanctioned a North Korean front company and three associated individuals for their involvement in the fraudulent… 

Patchwork Targets Turkish Defense Firms with Spear-Phishing Using Malicious LNK Files

Patchwork Targets Turkish Defense Firms with Spear-Phishing Using Malicious LNK Files

Jul 25, 2025Ravie LakshmananMalware / Threat Intelligence The threat actor known as Patchwork has been attributed to a new spear-phishing campaign targeting Turkish defense contractors with the goal of gathering strategic intelligence. “The campaign employs… 

Cyber Espionage Campaign Hits Russian Aerospace Sector Using EAGLET Backdoor

Cyber Espionage Campaign Hits Russian Aerospace Sector Using EAGLET Backdoor

Jul 25, 2025Ravie LakshmananCyber Espionage / Malware Russian aerospace and defense industries have become the target of a cyber espionage campaign that delivers a backdoor called EAGLET to facilitate data exfiltration. The activity, dubbed Operation… 

Soco404 and Koske Malware Target Cloud Services with Cross-Platform Cryptomining Attacks

Soco404 and Koske Malware Target Cloud Services with Cross-Platform Cryptomining Attacks

Jul 25, 2025Ravie LakshmananMalware / Cloud Security Threat hunters have disclosed two different malware campaigns that have targeted vulnerabilities and misconfigurations across cloud environments to deliver cryptocurrency miners. The threat activity clusters have been codenamed… 

Critical Mitel Flaw Lets Hackers Bypass Login, Gain Full Access to MiVoice MX-ONE Systems

Critical Mitel Flaw Lets Hackers Bypass Login, Gain Full Access to MiVoice MX-ONE Systems

Jul 24, 2025Ravie LakshmananVulnerability / Network Security Mitel has released security updates to address a critical security flaw in MiVoice MX-ONE that could allow an attacker to bypass authentication protections. “An authentication bypass vulnerability has… 

Fire Ant Exploits VMware Flaws to Compromise ESXi Hosts and vCenter Environments

Fire Ant Exploits VMware Flaws to Compromise ESXi Hosts and vCenter Environments

Jul 24, 2025Ravie LakshmananVirtualization / Network Security Virtualization and networking infrastructure have been targeted by a threat actor codenamed Fire Ant as part of a prolonged cyber espionage campaign. The activity, observed this year, is… 

CastleLoader Malware Infects 469 Devices Using Fake GitHub Repos and ClickFix Phishing

CastleLoader Malware Infects 469 Devices Using Fake GitHub Repos and ClickFix Phishing

Jul 24, 2025Ravie LakshmananMalware / Cybercrime Cybersecurity researchers have shed light on a new versatile malware loader called CastleLoader that has been put to use in campaigns distributing various information stealers and remote access trojans… 

Sophos and SonicWall Patch Critical RCE Flaws Affecting Firewalls and SMA 100 Devices

Sophos and SonicWall Patch Critical RCE Flaws Affecting Firewalls and SMA 100 Devices

Jul 24, 2025Ravie LakshmananNetwork Security / Vulnerability Sophos and SonicWall have alerted users of critical security flaws in Sophos Firewall and Secure Mobile Access (SMA) 100 Series appliances that could be exploited to achieve remote… 

Watch This Webinar to Uncover Hidden Flaws in Login, AI, and Digital Trust — and Fix Them

Watch This Webinar to Uncover Hidden Flaws in Login, AI, and Digital Trust — and Fix Them

Jul 24, 2025The Hacker News Is Managing Customer Logins and Data Giving You Headaches? You’re Not Alone! Today, we all expect super-fast, secure, and personalized online experiences. But let’s be honest, we’re also more careful…