Insikt Group has uncovered two new malware families, TerraStealerV2 and TerraLogger, attributed to the notorious financially motivated threat actor Golden Chickens, also known as Venom Spider. Active between January and April 2025, these tools signal a persistent evolution in the…
MintsLoader Malware Uses Sandbox and Virtual Machine Evasion Techniques
MintsLoader, a malicious loader first observed in 2024, has emerged as a formidable tool in the arsenal of multiple threat actors, including the notorious TAG-124 (LandUpdate808) and SocGholish groups. This malware, identified in phishing and drive-by download campaigns, employs advanced…
Threat Actors Use AiTM Attacks with Reverse Proxies to Bypass MFA
Cybercriminals are intensifying their efforts to undermine multi-factor authentication (MFA) through adversary-in-the-middle (AiTM) attacks, leveraging reverse proxies to intercept sensitive data. As phishing tactics grow more advanced, traditional defenses like spam filters and user training are proving insufficient. Attackers deploy…
Threat Actors Target Critical National Infrastructure with New Malware and Tools
A recent investigation by the FortiGuard Incident Response (FGIR) team has uncovered a sophisticated, long-term cyber intrusion targeting critical national infrastructure (CNI) in the Middle East, attributed to an Iranian state-sponsored threat group. Spanning from at least May 2023 to…
New StealC V2 Upgrade Targets Microsoft Installer Packages and PowerShell Scripts
StealC, a notorious information stealer and malware downloader first sold in January 2023, has rolled out its version 2 (V2) in March 2025 with sophisticated enhancements. This latest iteration introduces a range of new capabilities, focusing on advanced payload delivery…
Subscription-Based Scams Targeting Users to Steal Credit Card Information
Cybersecurity researchers at Bitdefender have identified a significant uptick in subscription-based scams, characterized by an unprecedented level of sophistication and scale. These fraudulent operations, involving over 200 meticulously crafted websites, are designed to deceive users into divulging sensitive credit card…
Shell3r – Powerful Shellcode Obfuscator for Offensive Security
Shell3r is a modular shellcode obfuscator that bypasses basic and mid-level static detection techniques. This article has been indexed from Darknet – Hacking Tools, Hacker News & Cyber Security Read the original article: Shell3r – Powerful Shellcode Obfuscator for Offensive…
watchTowr Warns of Active Exploitation of SonicWall SMA 100 Devices
watchTowr reveals active exploitation of SonicWall SMA 100 vulnerabilities (CVE-2024-38475 & CVE-2023-44221) potentially leading to full system takeover… This article has been indexed from Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto Read the original article: watchTowr Warns…
RSAC 2025 wrap-up – Week in security with Tony Anscombe
From the power of collaborative defense to identity security and AI, catch up on the event’s key themes and discussions This article has been indexed from WeLiveSecurity Read the original article: RSAC 2025 wrap-up – Week in security with Tony…
Billions of Apple Devices at Risk from “AirBorne” AirPlay Vulnerabilities
Oligo Security uncovers “AirBorne,” a set of 23 vulnerabilities in Apple AirPlay affecting billions of devices. Learn how… This article has been indexed from Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto Read the original article: Billions of…
Rhysida Ransomware gang claims the hack of the Government of Peru
The Rhysida Ransomware gang claims the hack of the Government of Peru; the gang breached Gob.pe, the Single Digital Platform of the Peruvian State. The Rhysida ransomware gang claims responsibility for hacking the Government of Peru, breaching Gob.pe, which is…
Fast Flux Technique Identified as Growing Risk to US Cyber Infrastructure
A sophisticated technique called fast flux is increasingly being employed by cybercriminals, causing heightened concern among intelligence and cybersecurity agencies throughout the world. It has been reported in April 2025 that the United States National…
Hackers Weaponize Go Modules to Deliver Disk‑Wiping Malware, Causing Massive Data Loss
Cybersecurity researchers uncovered a sophisticated supply chain attack targeting the Go programming language ecosystem in April 2025. Hackers have weaponized three malicious Go modules (github[.]com/truthfulpharm/prototransform, github[.]com/blankloggia/go-mcp, and github[.]com/steelpoor/tlsproxy) to deploy devastating disk-wiping malware. Leveraging the decentralized nature of Go’s module system, where…
RansomHub Taps SocGholish: WebDAV & SCF Exploits Fuel Credential Heists
SocGholish, a notorious loader malware, has evolved into a critical tool for cybercriminals, often delivering payloads like Cobalt Strike and, more recently, RansomHub ransomware. Darktrace’s Threat Research team has tracked multiple incidents since January 2025, where threat actors exploited SocGholish…
DragonForce group claims the theft of data after Co-op cyberattack
Hackers claim Co-op cyberattack is worse than admitted, with major customer and employee data stolen, and provide proof to the BBC. The attackers behind the recent Co-op cyberattack, who go online with the name DragonForce, told the BBC that they…
AsyncRAT Dark Mode – New Version of AsyncRAT on GitHub With Remote Access & Monitoring
A new, modified version of the popular AsyncRAT tool, dubbed AsyncRAT Dark Mode, has been released on GitHub, offering users a modernized interface and enhanced functionality for remote system monitoring and control. This open-source project introduces a stylish dark theme,…
Pakistan State-sponsored Hackers Attack Indian Websites, Attempts Blocked
Pakistan’s cyber warfare against India. Recently, Pakistan state-sponsored hacker groups launched multiple failed attempts to hack Indian websites amid continuous cyber offensives against India after the Pahalgam terror attack. These breach attempts were promptly identified and blocked by the…
Malicious Go Modules Deliver Disk-Wiping Linux Malware in Advanced Supply Chain Attack
Cybersecurity researchers have discovered three malicious Go modules that include obfuscated code to fetch next-stage payloads that can irrevocably overwrite a Linux system’s primary disk and render it unbootable. The names of the packages are listed below – github[.]com/truthfulpharm/prototransform github[.]com/blankloggia/go-mcp…
CISA Warns of KUNBUS Auth Bypass Vulnerabilities Exposes Systems to Remote Attacks
CISA has issued an urgent advisory highlighting critical vulnerabilities in KUNBUS GmbH’s Revolution Pi industrial automation devices. These flaws, which include authentication bypass and remote code execution risks, threaten sectors like manufacturing, energy, and healthcare. Attackers can disrupt operations, manipulate…
AsyncRAT Dark Mode – New Version of AsyncRAT on GitHub With New Features
A new, modified version of the popular AsyncRAT tool, dubbed AsyncRAT Dark Mode, has been released on GitHub, offering users a modernized interface and enhanced functionality for remote system monitoring and control. This open-source project introduces a stylish dark theme,…