Aug 25, 2025Ravie LakshmananContainer Security / Vulnerability Docker has released fixes to address a critical security flaw affecting the Docker Desktop app for Windows and macOS that could potentially allow an attacker to break out…
Cybersecurity researchers have flagged a new phishing campaign that’s using fake voicemails and purchase orders to deliver a malware loader called UpCrypter. The campaign leverages “carefully crafted emails to deliver malicious URLs linked to convincing…
Aug 25, 2025Ravie LakshmananCybersecurity News / Hacking Cybersecurity today moves at the pace of global politics. A single breach can ripple across supply chains, turn a software flaw into leverage, or shift who holds the…
Security Information and Event Management (SIEM) systems act as the primary tools for detecting suspicious activity in enterprise networks, helping organizations identify and respond to potential attacks in real time. However, the new Picus Blue…
Aug 25, 2025Ravie LakshmananMalware / Cyber Attack The advanced persistent threat (APT) actor known as Transparent Tribe has been observed targeting both Windows and BOSS (Bharat Operating System Solutions) Linux systems with malicious Desktop shortcut…
Aug 24, 2025Ravie LakshmananMalware / Supply Chain Security Cybersecurity researchers have discovered a malicious Go module that presents itself as a brute-force tool for SSH but actually contains functionality to discreetly exfiltrate credentials to its…
Cybersecurity researchers are calling attention to multiple campaigns that leverage known security vulnerabilities and expose Redis servers to various malicious activities, including leveraging the compromised devices as IoT botnets, residential proxies, or cryptocurrency mining infrastructure.…
Cybersecurity researchers have shed light on a novel attack chain that employs phishing emails to deliver an open-source backdoor called VShell. The “Linux-specific malware infection chain that starts with a spam email with a malicious…
Cybersecurity researchers are calling attention to malicious activity orchestrated by a China-nexus cyber espionage group known as Murky Panda that involves abusing trusted relationships in the cloud to breach enterprise networks. “The adversary has also…
Aug 22, 2025Ravie LakshmananOnline Fraud / Financial Crime INTERPOL on Friday announced that authorities from 18 countries across Africa have arrested 1,209 cybercriminals who targeted 88,000 victims. “The crackdown recovered $97.4 million and dismantled 11,432…