Skip to content
cyber news Page 27

cyber news

npm, PyPI, and RubyGems Packages Found Sending Developer Data to Discord Channels

npm, PyPI, and RubyGems Packages Found Sending Developer Data to Discord Channels

Oct 14, 2025Ravie LakshmananMalware / Typosquatting Cybersecurity researchers have identified several malicious packages across npm, Python, and Ruby ecosystems that leverage Discord as a command-and-control (C2) channel to transmit stolen data to actor-controlled webhooks. Webhooks… 

Read More »npm, PyPI, and RubyGems Packages Found Sending Developer Data to Discord Channels
Researchers Expose TA585’s MonsterV2 Malware Capabilities and Attack Chain

Researchers Expose TA585’s MonsterV2 Malware Capabilities and Attack Chain

Oct 14, 2025Ravie LakshmananMalware / Social Engineering Cybersecurity researchers have shed light on a previously undocumented threat actor called TA585 that has been observed delivering an off-the-shelf malware called MonsterV2 via phishing campaigns. The Proofpoint… 

Read More »Researchers Expose TA585’s MonsterV2 Malware Capabilities and Attack Chain
WhatsApp Worm, Critical CVEs, Oracle 0-Day, Ransomware Cartel & More

WhatsApp Worm, Critical CVEs, Oracle 0-Day, Ransomware Cartel & More

Oct 13, 2025Ravie LakshmananCybersecurity / Hacking News Every week, the cyber world reminds us that silence doesn’t mean safety. Attacks often begin quietly — one unpatched flaw, one overlooked credential, one backup left unencrypted. By… 

Read More »WhatsApp Worm, Critical CVEs, Oracle 0-Day, Ransomware Cartel & More
Researchers Warn RondoDox Botnet is Weaponizing Over 50 Flaws Across 30+ Vendors

Researchers Warn RondoDox Botnet is Weaponizing Over 50 Flaws Across 30+ Vendors

Malware campaigns distributing the RondoDox botnet have expanded their targeting focus to exploit more than 50 vulnerabilities across over 30 vendors. The activity, described as akin to an “exploit shotgun” approach, has singled out a… 

Read More »Researchers Warn RondoDox Botnet is Weaponizing Over 50 Flaws Across 30+ Vendors
Microsoft Locks Down IE Mode After Hackers Turned Legacy Feature Into Backdoor

Microsoft Locks Down IE Mode After Hackers Turned Legacy Feature Into Backdoor

Oct 13, 2025Ravie LakshmananBrowser Security / Windows Security Microsoft said it has revamped the Internet Explorer (IE) mode in its Edge browser after receiving “credible reports” in August 2025 that unknown threat actors were abusing… 

Read More »Microsoft Locks Down IE Mode After Hackers Turned Legacy Feature Into Backdoor
Astaroth Banking Trojan Abuses GitHub to Remain Operational After Takedowns

Astaroth Banking Trojan Abuses GitHub to Remain Operational After Takedowns

Oct 13, 2025Ravie LakshmananMalware / Financial Security Cybersecurity researchers are calling attention to a new campaign that delivers the Astaroth banking trojan that employs GitHub as a backbone for its operations to stay resilient in… 

Read More »Astaroth Banking Trojan Abuses GitHub to Remain Operational After Takedowns
New Rust-Based Malware “ChaosBot” Uses Discord Channels to Control Victims’ PCs

New Rust-Based Malware “ChaosBot” Uses Discord Channels to Control Victims’ PCs

Oct 13, 2025Ravie LakshmananRansomware / Windows Security Cybersecurity researchers have disclosed details of a new Rust-based backdoor called ChaosBot that can allow operators to conduct reconnaissance and execute arbitrary commands on compromised hosts. “Threat actors… 

Read More »New Rust-Based Malware “ChaosBot” Uses Discord Channels to Control Victims’ PCs
New Oracle E-Business Suite Bug Could Let Hackers Access Data Without Login

New Oracle E-Business Suite Bug Could Let Hackers Access Data Without Login

Oct 12, 2025Ravie LakshmananVulnerability / Threat Intelligence Oracle on Saturday issued a security alert warning of a fresh security flaw impacting its E-Business Suite that it said could allow unauthorized access to sensitive data. The… 

Read More »New Oracle E-Business Suite Bug Could Let Hackers Access Data Without Login