Skip to content
network security

network security

AI-Generated Malicious npm Package Drains Solana Funds from 1,500+ Before Takedown

AI-Generated Malicious npm Package Drains Solana Funds from 1,500+ Before Takedown

Aug 01, 2025Ravie LakshmananMalware / Artificial Intelligence Cybersecurity researchers have flagged a malicious npm package that was generated using artificial intelligence (AI) and concealed a cryptocurrency wallet drainer. The package, @kodane/patch-manager, claims to offer “advanced… 

Storm-2603 Deploys DNS-Controlled Backdoor in Warlock and LockBit Ransomware Attacks

Storm-2603 Deploys DNS-Controlled Backdoor in Warlock and LockBit Ransomware Attacks

Aug 01, 2025Ravie LakshmananThreat Intelligence / Ransomware The threat actor linked to the exploitation of the recently disclosed security flaws in Microsoft SharePoint Server is using a bespoke command-and-control (C2) framework called AK47 C2 (also… 

Secret Blizzard Deploys Malware in ISP-Level AitM Attacks on Moscow Embassies

Secret Blizzard Deploys Malware in ISP-Level AitM Attacks on Moscow Embassies

Jul 31, 2025Ravie LakshmananCyber Espionage / Network Security The Russian nation-state threat actor known as Secret Blizzard has been observed orchestrating a new cyber espionage campaign targeting foreign embassies located in Moscow by means of… 

Experts Detect Multi-Layer Redirect Tactic Used to Steal Microsoft 365 Login Credentials

Experts Detect Multi-Layer Redirect Tactic Used to Steal Microsoft 365 Login Credentials

Jul 31, 2025Ravie LakshmananPhishing / Threat Intelligence Cybersecurity researchers have disclosed details of a new phishing campaign that conceals malicious payloads by abusing link wrapping services from Proofpoint and Intermedia to bypass defenses. “Link wrapping… 

N. Korean Hackers Used Job Lures, Cloud Account Access, and Malware to Steal Millions in Crypto

N. Korean Hackers Used Job Lures, Cloud Account Access, and Malware to Steal Millions in Crypto

Jul 31, 2025Ravie LakshmananCryptocurrency / Malware The North Korea-linked threat actor known as UNC4899 has been attributed to attacks targeting two different organizations by approaching their employees via LinkedIn and Telegram. “Under the guise of… 

UNC2891 Breaches ATM Network via 4G Raspberry Pi, Tries CAKETAP Rootkit for Fraud

UNC2891 Breaches ATM Network via 4G Raspberry Pi, Tries CAKETAP Rootkit for Fraud

Jul 31, 2025Ravie Lakshmanan The financially motivated threat actor known as UNC2891 has been observed targeting Automatic Teller Machine (ATM) infrastructure using a 4G-equipped Raspberry Pi as part of a covert attack. The cyber-physical attack… 

Alert Fatigue, Data Overload, and the Fall of Traditional SIEMs

Alert Fatigue, Data Overload, and the Fall of Traditional SIEMs

Jul 31, 2025The Hacker NewsSecurity Operations / Threat Detection Security Operations Centers (SOCs) are stretched to their limits. Log volumes are surging, threat landscapes are growing more complex, and security teams are chronically understaffed. Analysts… 

Hackers Exploit Critical WordPress Theme Flaw to Hijack Sites via Remote Plugin Install

Hackers Exploit Critical WordPress Theme Flaw to Hijack Sites via Remote Plugin Install

Jul 31, 2025Ravie LakshmananVulnerability / Website Security Threat actors are actively exploiting a critical security flaw in “Alone – Charity Multipurpose Non-profit WordPress Theme” to take over susceptible sites. The vulnerability, tracked as CVE-2025-5394, carries…