A recent investigation by the FortiGuard Incident Response (FGIR) team has uncovered a sophisticated, long-term cyber intrusion targeting critical national infrastructure (CNI) in the Middle East, attributed to an Iranian state-sponsored threat group. Spanning from at least May 2023 to…
New StealC V2 Upgrade Targets Microsoft Installer Packages and PowerShell Scripts
StealC, a notorious information stealer and malware downloader first sold in January 2023, has rolled out its version 2 (V2) in March 2025 with sophisticated enhancements. This latest iteration introduces a range of new capabilities, focusing on advanced payload delivery…
Subscription-Based Scams Targeting Users to Steal Credit Card Information
Cybersecurity researchers at Bitdefender have identified a significant uptick in subscription-based scams, characterized by an unprecedented level of sophistication and scale. These fraudulent operations, involving over 200 meticulously crafted websites, are designed to deceive users into divulging sensitive credit card…
Shell3r – Powerful Shellcode Obfuscator for Offensive Security
Shell3r is a modular shellcode obfuscator that bypasses basic and mid-level static detection techniques. This article has been indexed from Darknet – Hacking Tools, Hacker News & Cyber Security Read the original article: Shell3r – Powerful Shellcode Obfuscator for Offensive…
watchTowr Warns of Active Exploitation of SonicWall SMA 100 Devices
watchTowr reveals active exploitation of SonicWall SMA 100 vulnerabilities (CVE-2024-38475 & CVE-2023-44221) potentially leading to full system takeover… This article has been indexed from Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto Read the original article: watchTowr Warns…
RSAC 2025 wrap-up – Week in security with Tony Anscombe
From the power of collaborative defense to identity security and AI, catch up on the event’s key themes and discussions This article has been indexed from WeLiveSecurity Read the original article: RSAC 2025 wrap-up – Week in security with Tony…
Billions of Apple Devices at Risk from “AirBorne” AirPlay Vulnerabilities
Oligo Security uncovers “AirBorne,” a set of 23 vulnerabilities in Apple AirPlay affecting billions of devices. Learn how… This article has been indexed from Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto Read the original article: Billions of…
Rhysida Ransomware gang claims the hack of the Government of Peru
The Rhysida Ransomware gang claims the hack of the Government of Peru; the gang breached Gob.pe, the Single Digital Platform of the Peruvian State. The Rhysida ransomware gang claims responsibility for hacking the Government of Peru, breaching Gob.pe, which is…
Fast Flux Technique Identified as Growing Risk to US Cyber Infrastructure
A sophisticated cybercriminal technique called fast flux is being increasingly employed by cybercriminals, which is causing heightened concerns among intelligence agencies and cybersecurity agencies throughout the world. It has been reported in April 2025 that the United States National…
Hackers Weaponize Go Modules to Deliver Disk‑Wiping Malware, Causing Massive Data Loss
Cybersecurity researchers uncovered a sophisticated supply chain attack targeting the Go programming language ecosystem in April 2025. Hackers have weaponized three malicious Go modules (github[.]com/truthfulpharm/prototransform, github[.]com/blankloggia/go-mcp, and github[.]com/steelpoor/tlsproxy) to deploy devastating disk-wiping malware. Leveraging the decentralized nature of Go’s module system, where…
RansomHub Taps SocGholish: WebDAV & SCF Exploits Fuel Credential Heists
SocGholish, a notorious loader malware, has evolved into a critical tool for cybercriminals, often delivering payloads like Cobalt Strike and, more recently, RansomHub ransomware. Darktrace’s Threat Research team has tracked multiple incidents since January 2025, where threat actors exploited SocGholish…
DragonForce group claims the theft of data after Co-op cyberattack
Hackers claim Co-op cyberattack is worse than admitted, with major customer and employee data stolen, and provide proof to the BBC. The attackers behind the recent Co-op cyberattack, who go online with the name DragonForce, told the BBC that they…
AsyncRAT Dark Mode – New Version of AsyncRAT on GitHub With Remote Access & Monitoring
A new, modified version of the popular AsyncRAT tool, dubbed AsyncRAT Dark Mode, has been released on GitHub, offering users a modernized interface and enhanced functionality for remote system monitoring and control. This open-source project introduces a stylish dark theme,…
Pakistan State-sponsored Hackers Attack Indian Websites, Attempts Blocked
Pakistan’s cyber warfare against India Recently, Pakistan state-sponsored hacker groups launched multiple failed hacking attempts to hack Indian websites amid continuous cyber offensives against India after the Pahalgam terror attack. These breach attempts were promptly identified and blocked by the…
Malicious Go Modules Deliver Disk-Wiping Linux Malware in Advanced Supply Chain Attack
Cybersecurity researchers have discovered three malicious Go modules that include obfuscated code to fetch next-stage payloads that can irrevocably overwrite a Linux system’s primary disk and render it unbootable. The names of the packages are listed below – github[.]com/truthfulpharm/prototransform github[.]com/blankloggia/go-mcp…
CISA Warns of KUNBUS Auth Bypass Vulnerabilities Exposes Systems to Remote Attacks
CISA has issued an urgent advisory highlighting critical vulnerabilities in KUNBUS GmbH’s Revolution Pi industrial automation devices. These flaws, which include authentication bypass and remote code execution risks, threaten sectors like manufacturing, energy, and healthcare. Attackers can disrupt operations, manipulate…
AsyncRAT Dark Mode – New Version of AsyncRAT on GitHub With New Features
A new, modified version of the popular AsyncRAT tool, dubbed AsyncRAT Dark Mode, has been released on GitHub, offering users a modernized interface and enhanced functionality for remote system monitoring and control. This open-source project introduces a stylish dark theme,…
Bsideslv24 – Proving Ground – Unleashing The Future Of Development: The Secret World Of Nix & Flakes
Author/Presenter: Jason Odoom Our sincere appreciation to BSidesLV, and the Presenters/Authors for publishing their erudite Security BSidesLV24 content. Originating from the conference’s events located at the Tuscany Suites & Casino; and via the organization’s YouTube channel. Permalink The post Bsideslv24…
Bitdefender Warns of Surge in Subscription Scams Disguised as Online Stores and Mystery Boxes
Cybersecurity researchers at Bitdefender have uncovered a sharp increase in deceptive online subscription scams, with fraudsters disguising themselves as legitimate e-commerce platforms and mystery box vendors. These sophisticated schemes are luring unsuspecting users into handing over sensitive credit card…
North Korean Hackers Create Fake U.S. Firms to Dupe Crypto Developers
Threat analysts at Silent Push, a U.S. cybersecurity firm, told Reuters that North Korean cyber spies established two companies in the U.S., Blocknovas LLC and Softglide LLC, using fictitious personas and addresses to infect developers in the cryptocurrency industry…