Aeternum botnet uses Polygon blockchain smart contracts for C&C, making its infrastructure harder to detect and disrupt. Qrator Labs researchers uncovered Aeternum, a botnet that runs its command-and-control infrastructure through smart contracts on the Polygon blockchain. By decentralizing its C2,…
Category: EN
Researchers Uncover Aeternum C2 Infrastructure with Advanced Persistence and Network Evasion Features
For years, taking down a botnet meant finding its command-and-control (C2) server, seizing the domain, and watching the network go dark. Law enforcement used this method to dismantle major operations like Emotet, TrickBot, and QakBot. A newly discovered botnet loader…
Suspected Nork digital intruders caught breaking into US healthcare, education orgs
Who is knocking at the Dohdoor? Digital intruders with possible links to North Korea have been infecting US education and healthcare sectors with a never-before-seen backdoor since at least December, according to security researchers.… This article has been indexed from…
DoJ Seizes $61 Million in Tether Linked to Pig Butchering Crypto Scams
The U.S. Department of Justice (DoJ) this week announced the seizure of $61 million worth of Tether that were allegedly associated with bogus cryptocurrency schemes known as pig butchering. The confiscated funds were traced to cryptocurrency addresses used for the…
ShinyHunters Leak 2M Records From Dutch Telecom Odido, Claim 21M Stolen
ShinyHunters hackers leak 2 million records from Dutch telecom Odido after ransom refusal, claiming up to 21 million customer records were stolen in the breach. This article has been indexed from Hackread – Cybersecurity News, Data Breaches, AI and More…
Trend Micro Patches Critical Apex One RCE Flaws
Trend Micro has fixed critical Apex One flaws that could enable remote code execution. The post Trend Micro Patches Critical Apex One RCE Flaws appeared first on eSecurity Planet. This article has been indexed from eSecurity Planet Read the original…
New Dohdoor Malware Attacking Schools and Health Care Sectors in U.S. via Multi-Stage Attack Chain
A newly discovered malware campaign has been quietly targeting educational institutions and healthcare organizations across the United States since at least December 2025. The threat, tracked under the actor designation “UAT-10027,” deploys a previously unknown backdoor called “Dohdoor,” which uses…
Vshell Gains Traction Among Threat Actors as an Alternative to Cobalt Strike
A Go-based command-and-control (C2) framework originally marketed within Chinese-speaking offensive security communities has been quietly expanding its reach, drawing growing attention from threat actors seeking flexible and cost-effective alternatives to expensive commercial tools. Known as Vshell, the tool has evolved…
Claude Code Security Crashed the Market Because We’re Defending the Wrong Thing
On Feb. 20, the cybersecurity market experienced a structural tremor. Anthropic released Claude Code Security, pointing its Claude Opus 4.6 and million-token context window at the industry’s most “vetted” codebases. This is a significant change from standard pattern-matching against known…
900+ Sangoma FreePBX Instances Compromised in Ongoing Web Shell Attacks
The Shadowserver Foundation has revealed that over 900 Sangoma FreePBX instances still remain infected with web shells as part of attacks that exploited a command injection vulnerability starting in December 2025. Of these, 401 instances are located in the U.S.,…
Cultivating a robust and efficient quantum-safe HTTPS
Posted by Chrome Secure Web and Networking Team Today we’re announcing a new program in Chrome to make HTTPS certificates secure against quantum computers. The Internet Engineering Task Force (IETF) recently created a working group, PKI, Logs, And Tree Signatures…
AI Coding Platform Orchids Exposed to Zero-Click Hack in BBC Security Test
A BBC journalist has demonstrated an unresolved cybersecurity weakness in an artificial intelligence coding platform that is rapidly gaining users. The tool, called Orchids, belongs to a new category often referred to as “vibe-coding.” These services allow individuals without…
ClawJacked Vulnerability in OpenClaw Could Let Websites Hijack AI Agents
Is your AI assistant safe? Oasis Security researchers have found a critical ClawJacked vulnerability in OpenClaw that allows hackers to hijack AI agents through a simple browser tab. This article has been indexed from Hackread – Cybersecurity News, Data Breaches,…
ClawJacked Vulnerability in OpenClaw Lets Websites Hijack AI Agents
Is your AI assistant safe? Oasis Security researchers have found a critical ClawJacked vulnerability in OpenClaw that allows hackers to hijack AI agents through a simple browser tab. This article has been indexed from Hackread – Cybersecurity News, Data Breaches,…
5 Nations Alert: Critical Cisco Bug Used in Global Espionage Campaign
Hackers exploited a critical Cisco SD-WAN flaw, prompting a rare joint warning from the US, UK, Australia, Canada, and New Zealand. The post 5 Nations Alert: Critical Cisco Bug Used in Global Espionage Campaign appeared first on TechRepublic. This article…
Zero-Days, Data Breaches, and AI Risks Define This Week’s Cybersecurity Landscape
Weekly summary of Cybersecurity Insider newsletters The post Zero-Days, Data Breaches, and AI Risks Define This Week’s Cybersecurity Landscape appeared first on eSecurity Planet. This article has been indexed from eSecurity Planet Read the original article: Zero-Days, Data Breaches, and…
Zero Trust Architecture: The Technical Blueprint
Zero Trust isn’t magic. It’s a specific set of architectural components working together—policy engine, identity fabric, device trust, microsegmentation, and continuous monitoring. Here’s exactly how they fit. The post Zero Trust Architecture: The Technical Blueprint appeared first on Security Boulevard.…
Malicious Go Crypto Module Steals Passwords, Deploys Rekoobe Backdoor
Cybersecurity researchers have disclosed details of a malicious Go module that’s designed to harvest passwords, create persistent access via SSH, and deliver a Linux backdoor named Rekoobe. The Go module, github[.]com/xinfeisoft/crypto, impersonates the legitimate “golang.org/x/crypto” codebase, but injects malicious code…
‘Resurge’ malware can remain undetected on devices
CISA previously issued an alert about attacks that exploited a vulnerability in Ivanti Connect Secure. This article has been indexed from Cybersecurity Dive – Latest News Read the original article: ‘Resurge’ malware can remain undetected on devices
Trump administration removes controversial acting CISA director
The new acting director has significantly more senior cybersecurity leadership experience, which has given some demoralized employees hope. This article has been indexed from Cybersecurity Dive – Latest News Read the original article: Trump administration removes controversial acting CISA director