BRICKSTORM has surfaced as a highly evasive backdoor targeting organizations within the technology and legal industries, exploiting trust relationships to infiltrate critical networks. First detected in mid-2025, this malware leverages multi-stage loaders and covert communication channels to avoid detection. Early…
SetupHijack Tool Exploits Race Conditions and Insecure File Handling in Windows Installer Processes
SetupHijack, an open-source research utility, has emerged as a powerful method for red teaming and security research by targeting race conditions and insecure file handling within Windows installer and update mechanisms. By polling world-writable directories such as %TEMP%, %APPDATA%, and…
ZendTo Vulnerability Let Attackers Bypass Security Controls and Access Sensitive Data
A critical path traversal flaw in ZendTo has been assigned CVE-2025-34508 researchers discovered that versions 6.15–7 and prior enable authenticated users to manipulate file paths and retrieve sensitive data from the host system. This issue underscores the persistent risk in…
New LockBit 5.0 Ransomware Variant Attacking Windows, Linux, and ESXi Systems
Following a major law enforcement disruption in February 2024, the notorious LockBit ransomware group has resurfaced, marking its sixth anniversary with the release of a new version: LockBit 5.0. Trend Micro has identified and analyzed binaries for Windows, Linux, and…
BreachForums Founder Resentenced to Three Years After Appeal
In a significant legal outcome for the cybersecurity landscape, Conor Fitzpatrick, the founder of the notorious BreachForums underground hacking site, has been resentenced to three years in federal prison after appeals overturned his previous lenient sentence. Fitzpatrick, who operated…
North Korean Hackers Use New AkdoorTea Backdoor to Target Global Crypto Developers
The North Korea-linked threat actors associated with the Contagious Interview campaign have been attributed to a previously undocumented backdoor called AkdoorTea, along with tools like TsunamiKit and Tropidoor. Slovak cybersecurity firm ESET, which is tracking the activity under the name…
The Threat of Privilege Abuse in Active Directory
In early 2024, the BlackCat ransomware attack against Change Healthcare caused massive disruption across the U.S. healthcare sector. It later emerged that the cause of this major national incident was… The post The Threat of Privilege Abuse in Active Directory…
Volvo Group Reports Data Breach Following Ransomware Attack on HR Vendor
Volvo Group has disclosed that a recent ransomware attack on its human resources software provider, Miljödata, may have resulted in unauthorized access to personal information belonging to its North American workforce. The incident underscores growing concerns about third-party risk and the importance…
RTX Confirms Airport Services Hit by Ransomware
The aerospace and defense giant has disclosed the cyberattack in a filing with the SEC. The post RTX Confirms Airport Services Hit by Ransomware appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original article: RTX…
Chinese Cyberspies Hacked US Defense Contractors
RedNovember has been targeting government, defense and aerospace, and legal services organizations worldwide. The post Chinese Cyberspies Hacked US Defense Contractors appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original article: Chinese Cyberspies Hacked US…
ZendTo Flaw Lets Attackers Bypass Security Controls to Access Sensitive Data
A critical vulnerability in the popular file-sharing tool ZendTo allows authenticated users to traverse system paths and access or modify sensitive files belonging to other users. The flaw, tracked as CVE-2025-34508, affects ZendTo versions 6.15-7 and earlier. An attacker can…
New Malicious Rust Crates Impersonate fast_log to Steal Solana and Ethereum Wallet Keys
A pair of malicious Rust crates masquerading as the popular fast_log library have been uncovered, harvesting private Solana and Ethereum keys from developers’ environments. The impostor crates include legitimate-looking logging functionality to evade detection, while a hidden routine scans source…
Cisco IOS/XE Vulnerability Allows Unauthorized Access to Confidential Data
Cisco released an advisory describing a high-severity vulnerability (CVE-2025-20160) in its IOS and IOS XE platforms. The flaw stems from improper validation of the TACACS+ shared secret configuration. When TACACS+ is enabled but no secret is set, remote attackers or…
Perspective: Why Politics in the Workplace is a Cybersecurity Risk
Bringing politics into professional spaces undermines decision-making, collaboration, and ultimately weakens security teams. The post Perspective: Why Politics in the Workplace is a Cybersecurity Risk appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original article:…
Threatsday Bulletin: Rootkit Patch, Federal Breach, OnePlus SMS Leak, TikTok Scandal & More
/* ===== Container ===== */ .td-wrap {} /* ===== Section ===== */ .td-section { } .td-title { margin: 16px 0 4px; font-size: 32px; line-height: 1.2; font-weight: 800; } .td-subtitle { margin: 0 0 24px; color: #64748b; font-size: 16px; } /*…
CTEM’s Core: Prioritization and Validation
Despite a coordinated investment of time, effort, planning, and resources, even the most up-to-date cybersecurity systems continue to fail. Every day. Why? It’s not because security teams can’t see enough. Quite the contrary. Every security tool spits out thousands of…
Critical CVSS 10 Flaw in GoAnywhere File Transfer Threatens 20,000 Systems
Urgent warning for Fortra GoAnywhere MFT users. A CVSS 10.0 deserialization vulnerability (CVE-2025-10035) in the License Servlet allows command injection. Patch to v7.8.4 immediately to prevent system takeover. This article has been indexed from Hackread – Latest Cybersecurity, Hacking News,…
Hackers Use AI-Generated Code to Obfuscate Payloads and Bypass Traditional Defenses
A recent credential phishing campaign detected by Microsoft Threat Intelligence used AI-generated code within an SVG file to disguise malicious behavior. While the novel obfuscation techniques showcased attacker ingenuity, AI-powered defenses successfully blocked the attack—underscoring that AI-augmented threats remain detectable…
Hackers Use GitHub Notifications to Impersonate Y Combinator and Steal Wallet Funds
A recent wave of sophisticated phishing attacks has targeted developers and startups by impersonating Y Combinator through GitHub notifications. Victims are being tricked into believing they’ve been selected for startup funding, only to face financial theft via fake verification schemes.…
RedNovember Hackers Targeting Government and Tech Organizations to Install Backdoor
In July 2024, Recorded Future’s Insikt Group publicly exposed TAG-100, a cyber-espionage campaign leveraging the Go-based backdoor Pantegana against high-profile government, intergovernmental and private organizations worldwide. New evidence now attributes TAG-100 to a Chinese state-sponsored threat actor, designated RedNovember. Between…
Malicious-Looking URL Creation Service
This site turns your URL into something sketchy-looking. For example, www.schneier.com becomes https://cheap-bitcoin.online/firewall-snatcher/cipher-injector/phishing_sniffer_tool.html?form=inject&host=spoof&id=bb1bc121¶meter=inject&payload=%28function%28%29%7B+return+%27+hi+%27.trim%28%29%3B+%7D%29%28%29%3B&port=spoof. Found on Boing Boing. This article has been indexed from Schneier on Security Read the original article: Malicious-Looking URL Creation Service
Volvo Group Discloses Data Breach After Ransomware Attack on HR Supplier
Volvo Group North America has begun notifying employees and associates about a data breach that exposed their personal information, including names and Social Security numbers. The security incident did not originate within Volvo’s own networks but was the result of…
TikTok is misusing kids’ data, says privacy watchdog
TikTok is scooping up data on hundreds of thousands of children who shouldn’t have been on the platform, according to Canadian privacy commissioners. This article has been indexed from Malwarebytes Read the original article: TikTok is misusing kids’ data, says…
LinkedIn will use your data to train its AI unless you opt out now
LinkedIn will not be asking for your permission to share your data for AI training. Here’s how to opt out before the deadline. This article has been indexed from Malwarebytes Read the original article: LinkedIn will use your data to…