A sophisticated cyber threat actor, dubbed ViciousTrap by Sekoia.io’s Threat Detection & Research (TDR) team, has compromised over 5,500 edge devices across more than 50 brands, transforming them into a massive honeypot-like network. This alarming operation, detailed in Sekoia.io’s latest…
Category: EN
Inside LockBit: Data Leak Reveals Leading Affiliates and How They Operate
A massive data leak from the LockBit ransomware group, published on its hijacked leak site, has provided an unprecedented glimpse into the inner workings of one of the most notorious Ransomware-as-a-Service (RaaS) operations. The leaked data, spanning from December 19,…
Apple XNU Kernel Flaw Enables Attackers to Escalate Privileges
Apple has released urgent security patches addressing CVE-2025-31219, a high-severity vulnerability in its XNU kernel that underpins macOS, iOS, iPadOS, tvOS, watchOS, and visionOS. The flaw, which carries a CVSS score of 8.8 (vector: AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H), enables local attackers to escalate…
Operation Endgame Crushes DanaBot Malware, Shuts Down 150 C2 Servers and Halts 1,000 Daily Attacks
Operation Endgame II has delivered a devastating strike against DanaBot, a notorious malware that has plagued systems since its emergence in 2018. Initially designed as a banking trojan targeting financial credentials, DanaBot evolved into a multi-purpose threat, facilitating information theft…
Grandpa-conning crook jailed over sugar-coated drug scam
Callous fraudster tricked elderly gents into smuggling meth hidden in chocolate truffles A ruthless cyber conman who duped elderly pensioners – including an 80-year-old man – into smuggling deadly class A drugs was this week locked up.… This article has…
Cityworks Zero-Day Exploited by Chinese Hackers in US Local Government Attacks
A Chinese threat actor exploited a zero-day vulnerability in Trimble Cityworks to hack local government entities in the US. The post Cityworks Zero-Day Exploited by Chinese Hackers in US Local Government Attacks appeared first on SecurityWeek. This article has been…
Detect Vulnerabilities Faster With Website Scanner
As digital transformation becomes a strategic imperative, development teams have emerged as a pillar of organizations. Agile and DevOps practices have revolutionized the pace of innovation, enabling businesses to respond rapidly to evolving market demands. However, this accelerated development comes…
DanaBot Botnet Disrupted, 16 Suspects Charged
The DanaBot botnet ensnared over 300,000 devices and caused more than $50 million in damages before being disrupted. The post DanaBot Botnet Disrupted, 16 Suspects Charged appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original…
Global Dark Web Sting Sees 270 Arrested
Operation Raptor also resulted in the seizure of $184m and a record amount of illegal drugs, firearms and drug trafficking proceeds This article has been indexed from www.infosecurity-magazine.com Read the original article: Global Dark Web Sting Sees 270 Arrested
Chinese Spies Exploit Ivanti Vulnerabilities Against Critical Sectors
A Chinese espionage group has been chaining two recent Ivanti EPMM vulnerabilities in attacks against organizations in multiple critical sectors. The post Chinese Spies Exploit Ivanti Vulnerabilities Against Critical Sectors appeared first on SecurityWeek. This article has been indexed from…
DragonForce Engages in “Turf War” for Ransomware Dominance
Sophos has observed DragonForce attacking rival ransomware operators including RansomHub as it seeks to expand its reach in the cybercrime marketplace This article has been indexed from www.infosecurity-magazine.com Read the original article: DragonForce Engages in “Turf War” for Ransomware Dominance
Russian Hacker Indicted Over $24 Million Qakbot Ransomware Operation
The U.S. Department of Justice has unsealed a federal indictment against Rustam Rafailevich Gallyamov, 48, of Moscow, Russia, alleging he led the development and deployment of the notorious Qakbot malware. This action, announced on May 22, 2025, marks a significant…
CISA Alerts on Threat Actors Targeting Commvault’s Azure App to Steal Secrets
CISA issued an urgent advisory, warning organizations about ongoing cyber threat activity targeting Commvault’s software-as-a-service (SaaS) cloud applications hosted in Microsoft Azure environments. Threat actors have successfully accessed client secrets for Commvault’s Metallic Microsoft 365 backup solution, providing unauthorized access…
ViciousTrap Hacker Compromised 5,500+ Edge Devices From 50+ Brands & Turned Them Into Honeypots
A sophisticated threat actor designated as ViciousTrap has successfully compromised over 5,500 edge devices across more than 50 brands, transforming them into a massive distributed honeypot network capable of intercepting and monitoring exploitation attempts worldwide. This unprecedented campaign represents a…
ModSecurity Vulnerability Exposes Millions of Web Servers to Severe Denial-of-Service
A critical vulnerability in ModSecurity’s Apache module has been disclosed, potentially exposing millions of web servers worldwide to denial-of-service attacks. The flaw, tracked as CVE-2025-47947 and assigned a CVSS score of 7.5, affects the popular open-source web application firewall’s handling…
Token Security unveils MCP Server for non-human identity security
Token Security launched Model Context Protocol (MCP) Server for non-human identity (NHI). This capability brings the power of agentic AI to modern security operations and enables teams to interact with complex NHI data using simple, natural language. The Token MCP…
U.S. Dismantles DanaBot Malware Network, Charges 16 in $50M Global Cybercrime Operation
The U.S. Department of Justice (DoJ) on Thursday announced the disruption of the online infrastructure associated with DanaBot (aka DanaTools) and unsealed charges against 16 individuals for their alleged involvement in the development and deployment of the malware, which it…
Fortinet Zero-Day Under Attack: PoC Now Publicly Available
FortiGuard Labs released an urgent advisory detailing a critical vulnerability, CVE-2025-32756, affecting several Fortinet products, including FortiCamera, FortiMail, FortiNDR, FortiRecorder, and FortiVoice. The vulnerability is a stack-based buffer overflow located within the administrative API, specifically in the handling of session…
Signal shutters Recall, Windows Server vulnerability, pathology lab breach
Signal adds Recall blocker Critical Windows Server 2025 dMSA vulnerability warning Pathology lab suffers data breach Huge thanks to our sponsor, Conveyor Still spending hours maintaining a massive spreadsheet of Q&A pairs or using RFP tools to answer security questionnaires?…
Global Crackdown Nets 270 Dark Web Vendors in Major Arrests
A sweeping international crackdown, codenamed Operation RapTor, has dealt a significant blow to the criminal underworld operating on the dark web. Coordinated by Europol and involving agencies across four continents, the operation resulted in the arrest of 270 individuals involved…