Skip to content
network security Page 6

network security

PUBLOAD and Pubshell Malware Used in Mustang Panda’s Tibet-Specific Attack

PUBLOAD and Pubshell Malware Used in Mustang Panda’s Tibet-Specific Attack

Jun 27, 2025Ravie LakshmananVulnerability / Cyber Espionage A China-linked threat actor known as Mustang Panda has been attributed to a new cyber espionage campaign directed against the Tibetan community. The spear-phishing attacks leveraged topics related… 

Chinese Group Silver Fox Uses Fake Websites to Deliver Sainbox RAT and Hidden Rootkit

Chinese Group Silver Fox Uses Fake Websites to Deliver Sainbox RAT and Hidden Rootkit

Jun 27, 2025Ravie LakshmananMalware / Cyber Attack A new campaign has been observed leveraging fake websites advertising popular software such as WPS Office, Sogou, and DeepSeek to deliver Sainbox RAT and the open-source Hidden rootkit.… 

MOVEit Transfer Faces Increased Threats as Scanning Surges and CVE Flaws Are Targeted

MOVEit Transfer Faces Increased Threats as Scanning Surges and CVE Flaws Are Targeted

Jun 27, 2025Ravie LakshmananNetwork Security / Vulnerability Threat intelligence firm GreyNoise is warning of a “notable surge” in scanning activity targeting Progress MOVEit Transfer systems starting May 27, 2025—suggesting that attackers may be preparing for… 

OneClik Malware Targets Energy Sector Using Microsoft ClickOnce and Golang Backdoors

OneClik Malware Targets Energy Sector Using Microsoft ClickOnce and Golang Backdoors

Cybersecurity researchers have detailed a new campaign dubbed OneClik that leverages Microsoft’s ClickOnce software deployment technology and bespoke Golang backdoors to compromise organizations within the energy, oil, and gas sectors. “The campaign exhibits characteristics aligned… 

Critical Open VSX Registry Flaw Exposes Millions of Developers to Supply Chain Attacks

Critical Open VSX Registry Flaw Exposes Millions of Developers to Supply Chain Attacks

Jun 26, 2025Ravie LakshmananOpen Source / Vulnerability Cybersecurity researchers have disclosed a critical vulnerability in the Open VSX Registry (“open-vsx[.]org”) that, if successfully exploited, could have enabled attackers to take control of the entire Visual… 

Critical RCE Flaws in Cisco ISE and ISE-PIC Allow Unauthenticated Attackers to Gain Root Access

Critical RCE Flaws in Cisco ISE and ISE-PIC Allow Unauthenticated Attackers to Gain Root Access

Jun 26, 2025Ravie LakshmananVulnerability, Network Security Cisco has released updates to address two maximum-severity security flaws in Identity Services Engine (ISE) and ISE Passive Identity Connector (ISE-PIC) that could permit an unauthenticated attacker to execute… 

New FileFix Method Emerges as a Threat Following 517% Rise in ClickFix Attacks

New FileFix Method Emerges as a Threat Following 517% Rise in ClickFix Attacks

Jun 26, 2025Ravie LakshmananCyber Attack / Malware Analysis The ClickFix social engineering tactic as an initial access vector using fake CAPTCHA verifications increased by 517% between the second half of 2024 and the first half… 

Why Built-In Protections Aren’t Enough for Modern Data Resilience

Why Built-In Protections Aren’t Enough for Modern Data Resilience

SaaS Adoption is Skyrocketing, Resilience Hasn’t Kept Pace SaaS platforms have revolutionized how businesses operate. They simplify collaboration, accelerate deployment, and reduce the overhead of managing infrastructure. But with their rise comes a subtle, dangerous… 

Iranian APT35 Hackers Targeting Israeli Tech Experts with AI-Powered Phishing Attacks

Iranian APT35 Hackers Targeting Israeli Tech Experts with AI-Powered Phishing Attacks

Jun 26, 2025Ravie LakshmananCyber Espionage / Malware An Iranian state-sponsored hacking group associated with the Islamic Revolutionary Guard Corps (IRGC) has been linked to a spear-phishing campaign targeting journalists, high-profile cyber security experts, and computer…