Over 1,000 websites powered by WordPress have been infected with a third-party JavaScript code that injects four separate backdoors. “Creating four backdoors facilitates the attackers having multiple points of re-entry should one be detected and removed,” c/side researcher Himanshu Anand…
Category: EN
US Charges Members of Chinese Hacker-for-Hire Group i-Soon
The DoJ has charged Chinese government and i-Soon employees for a series of for-profit data theft campaigns This article has been indexed from www.infosecurity-magazine.com Read the original article: US Charges Members of Chinese Hacker-for-Hire Group i-Soon
Trojans disguised as AI: Cybercriminals exploit DeepSeek’s popularity
Kaspersky experts have discovered campaigns distributing stealers, malicious PowerShell scripts, and backdoors through web pages mimicking the DeepSeek and Grok websites. This article has been indexed from Securelist Read the original article: Trojans disguised as AI: Cybercriminals exploit DeepSeek’s popularity
Google Silently Tracks Android Device Even No Apps Opened by User
Google collects and stores significant amounts of user data on Android devices, even when users haven’t opened any Google apps. The study by Professor D.J. Leith from Trinity College Dublin, documents for the first time how pre-installed Google apps silently…
Exploited VMware ESXi Flaws Put Many at Risk of Ransomware, Other Attacks
Scans show that tens of thousands of VMware ESXi instances are affected by CVE-2025-22224 and other vulnerabilities disclosed recently as zero-days. The post Exploited VMware ESXi Flaws Put Many at Risk of Ransomware, Other Attacks appeared first on SecurityWeek. This…
Chinese Lotus Blossom APT targets multiple sectors with Sagerunex backdoor
China-linked Lotus Blossom APT targets governments and industries in Asian countries with new Sagerunex backdoor variants. Talos researchers linked China-backed Lotus Blossom APT (also known as Elise and Esile) to multiple campaigns targeting organizations in sectors such as government, manufacturing,…
Riskified Adaptive Checkout mitigates fraud for ecommerce merchants
Riskified launched Adaptive Checkout, a solution designed to drive higher conversion rates by not falsely declining good orders while also mitigating fraud for ecommerce merchants. This configuration of Riskified’s Chargeback Guarantee product enhances existing fraud prevention models by incorporating a…
Case Study: Gaining Internal Network Access Through Physical Penetration Testing
A recent physical penetration test conducted by cybersecurity firm Hackmosphere, revealed critical security flaws in a furniture company’s retail store. The test, which simulated real-world attack scenarios, exposed four major vulnerabilities that could potentially lead to unauthorized access to sensitive…
Cybercriminals Exploit YouTubers to Spread SilentCryptoMiner on Windows Systems
A sophisticated malware campaign has been uncovered, exploiting the growing popularity of Windows Packet Divert drivers for bypassing internet restrictions. Cybercriminals are distributing the SilentCryptoMiner malware disguised as legitimate tools, affecting over 2,000 victims in Russia alone. The attack vector…
7 Malicious Go Packages Target Linux & macOS to Deploy Stealthy Malware Loader
Security researchers at Socket have uncovered a sophisticated malware campaign targeting the Go ecosystem. The threat actor has published at least seven malicious packages on the Go Module Mirror, impersonating widely-used Go libraries to install hidden loader malware on Linux…
Black Basta’s Notorious Tactics and Techniques Exposed in Leaked Intel
A significant leak of internal chat logs from the Black Basta ransomware group has provided cybersecurity researchers with unprecedented insight into their operations, capabilities, and motivations. The leak, released on February 11, 2024, by a Telegram user named ExploitWhispers, contained…
Android App With 220,000+ Downloads From Google Play Installs Banking Trojan
A sophisticated Android banking trojan campaign leveraging a malicious file manager application accumulated over 220,000 downloads on the Google Play Store before its removal. Dubbed Anatsa (also known as TeaBot), the malware targets global financial institutions through a multi-stage infection…
SecP0 Ransomware Group Threatens Organizations to Leak Vulnerability Details
A new ransomware group, SecP0, has emerged on the cybercrime landscape, adopting a novel and deeply concerning tactic: demanding ransom payments not for encrypted data, but for undisclosed software vulnerabilities. This shift in strategy represents a significant evolution in ransomware…
Two Hackers Arrested for Stealing Taylor Swift Era Concert Tickets Worth $600k
In a sophisticated cybercrime operation targeting high-demand events, two individuals were arrested this week for allegedly orchestrating a $600,000 ticket theft scheme involving Taylor Swift’s Eras Tour and other major concerts. Queens District Attorney Melinda Katz revealed that Tyrone Rose,…
AI, Web Scraping and the Transformation of Data Privacy: What the EDPB’s Rulings Mean for Businesses
Web scraping is no longer just about collecting raw data. AI transforms this data, embedding it into machine learning models that can generate insights, predict behaviors and even infer new information about individuals in ways that were never intended when…
New Malware ‘Desert Dexter’ Hits Over 900 Victims Worldwide
A newly discovered malicious campaign dubbed “Desert Dexter” has infected approximately 900 victims across multiple countries, primarily in the Middle East and North Africa. The Positive Technologies Expert Security Center (PT ESC) uncovered the operation, which has been active since…
Probationary firing protest, hacker names frustration, conversational scam detector
Former top NSA cyber official protests probationary firings Differing names for hackers hinders law enforcement, says security agent Google releases AI scam detection for Android to fight conversational fraud Huge thanks to our sponsor, ThreatLocker ThreatLocker® is a global leader…
LibreOffice Flaw Allows Attackers to Run Arbitrary Scripts via Macro URL
A significant security vulnerability in LibreOffice, designated as CVE-2025-1080, has been patched in versions 24.8.5 and 25.2.1, released on March 4, 2025. The flaw, which allowed attackers to execute arbitrary scripts through manipulated macro URLs, posed a severe risk to…
Critical IDOR Vulnerabilities in ZITADEL Let Hackers Modify Key Settings
Security researchers have disclosed critical Insecure Direct Object Reference (IDOR) vulnerabilities in ZITADEL’s administration interface that expose organizations to account takeover risks and unauthorized configuration changes. Tracked as CVE-2025-27507 with a CVSS v3.1 score of 9.1/10, these flaws allow authenticated users without proper permissions…
Google Announces GoStringUngarbler Tool to Decrypt Go Based Malware
In a landmark development for cybersecurity infrastructure, Google’s Mandiant subsidiary has unveiled GoStringUngarbler – an open-source deobfuscation framework designed to neutralize advanced string encryption techniques in Go-based malware. This innovation specifically targets binaries obfuscated using garble, an increasingly prevalent obfuscation…