ESET Research has published new findings on DeceptiveDevelopment, also called Contagious Interview. This North Korea-aligned group has become more active in recent years and focuses on stealing cryptocurrency. It targets freelance developers working on Windows, Linux, and macOS systems. A…
Tag: EN
Malicious Rust Crates Steal Solana and Ethereum Keys — 8,424 Downloads Confirmed
Cybersecurity researchers have discovered two malicious Rust crates impersonating a legitimate library called fast_log to steal Solana and Ethereum wallet keys from source code. The crates, named faster_log and async_println, were published by the threat actor under the alias rustguruman…
NCA Arrest Man as HardBit Ransomware Blamed for Airport Outages
The UK’s National Crime Agency has arrested a suspect in connection with a ransomware attack on Collins Aerospace This article has been indexed from www.infosecurity-magazine.com Read the original article: NCA Arrest Man as HardBit Ransomware Blamed for Airport Outages
Steam Confirms Malware Found in BlockBlasters Game
Steam has officially confirmed that malware was discovered in the popular indie game BlockBlasters. The announcement follows widespread player reports and security scans that flagged unusual activity in the game’s files. This incident raises concerns about game security and digital…
Three in four European companies are hooked on US tech
Secure your data, avoid US sanctions, and stay compliant with European cybersecurity alternatives Partner Content What happens when your company’s future depends on a service controlled by another country that loves trade fights, tariffs, and industrial-scale surveillance? That’s the risk…
Hackers Deploy Stealthy Malware on WordPress Sites to Gain Admin Access
Attackers have stepped up their tactics by deploying stealthy backdoors disguised as legitimate WordPress components, ensuring persistent administrative access even after other malware is discovered and removed. Their deceptive appearances belied their dangerous functions: one impersonated a plugin, the other…
Cisco fixed actively exploited zero-day in Cisco IOS and IOS XE software
Cisco addressed a high-severity zero-day in Cisco IOS and IOS XE Software that is being actively exploited in attacks in the wild. Cisco fixed an actively exploited zero-day, tracked as CVE-2025-20352, impacting Cisco IOS and IOS XE Software. The high-severity…
Hackers Exploit Hikvision Camera Flaw to Steal Sensitive Data
Security researchers have observed renewed exploit campaigns targeting an eight-year-old backdoor in Hikvision cameras to harvest configuration files, user lists, and snapshots. Attackers automate scans across IP ranges, appending a base64-encoded “auth” parameter to management URLs. When decoded, the string…
LNK Malware Leverages Legit Windows Files to Slip Past Defenses
In a recently observed campaign emerging from Israel, threat actors have revived the use of Windows shortcut (.LNK) files to deliver a potent Remote Access Trojan (RAT). These seemingly innocuous shortcut files exploit Living-off-the-Land Binaries (LOLBins) such as odbcconf.exe to…
Secure Code Warrior gives CISOs visibility into developer AI tool usage
Secure Code Warrior has launched a beta program to expand the AI capabilities of its Trust Agent product. The new offering provides CISOs with security traceability, visibility, and governance over developers’ use of AI coding tools. This upgrade, collectively referred…
Cisco Warns of Actively Exploited SNMP Vulnerability Allowing RCE or DoS in IOS Software
Cisco has warned of a high-severity security flaw in IOS Software and IOS XE Software that could allow a remote attacker to execute arbitrary code or trigger a denial-of-service (DoS) condition under specific circumstances. The company said the vulnerability, CVE-2025-20352…
Suspect arrested over airport attack, DDoS attack hits new record, BRICKSTORM backdoor steals IPs
Person arrested in connection with airport attack Record-breaking DDoS attack hits new highs China-linked attackers use ‘BRICKSTORM’ backdoor to steal IP Huge thanks to our sponsor, Conveyor Security reviews don’t have to feel like a hurricane. Most teams are buried…
Man Arrested In Probe Of Cyber-Attack On Airports
National Crime Agency arrests and releases man in forties from West Sussex after ransomware attack disrupts flights across Europe This article has been indexed from Silicon UK Read the original article: Man Arrested In Probe Of Cyber-Attack On Airports
Gcore Radar Report Reveals 41% Surge in DDoS Attack Volumes
Luxembourg, Luxembourg, 25th September 2025, CyberNewsWire This article has been indexed from Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto Read the original article: Gcore Radar Report Reveals 41% Surge in DDoS Attack Volumes
Linux Kernel ksmbd Vulnerability Allows Remote Attackers to Execute Arbitrary Code
A severe vulnerability in the Linux kernel’s ksmbd SMB server implementation has been disclosed, potentially allowing authenticated remote attackers to execute arbitrary code on affected systems. The vulnerability, tracked as CVE-2025-38561 and assigned a CVSS score of 8.5, represents a…
BMC Firmware Vulnerabilities Allow Attackers to Bypass Signature Verification Features
Critical vulnerabilities discovered in Supermicro Baseboard Management Controller (BMC) firmware have exposed a troubling pattern where inadequate security fixes create new attack vectors, allowing sophisticated adversaries to bypass signature verification mechanisms and maintain persistent control over enterprise server infrastructure. These…
Hackers Exploiting Hikvision Camera Vulnerability to Access Sensitive Information
A critical vulnerability in Hikvision security cameras, first disclosed in 2017, is being actively exploited by hackers to gain unauthorized access to sensitive information. SANS researchers observed a recent surge in malicious activity targeting a specific flaw, identified as CVE-2017-7921,…
BRICKSTORM Backdoor Hits Tech and Legal Firms with Stealthy New Campaign
Persistent, stealthy, and cross-platform, the BRICKSTORM backdoor has emerged as a significant threat to U.S. technology and legal organizations. Tracked by Google Threat Intelligence Group (GTIG) and investigated by Mandiant Consulting, BRICKSTORM campaigns have maintained undetected access for an average…
Predicting DDoS attacks: How deep learning could give defenders an early warning
Distributed denial-of-service (DDoS) attacks remain one of the most common and disruptive forms of cybercrime. Defenders have traditionally focused on detecting these attacks once they are underway. New research suggests that predicting DDoS attacks in advance may be possible, giving…
COLDRIVER APT Group Uses ClickFix to Deliver New PowerShell-Based Backdoor BAITSWITCH
Russia-linked threat actors continue targeting civil society with sophisticated social engineering campaigns and lightweight malware tools in September 2025. The campaign delivers two previously undocumented malware families: a downloader dubbed BAITSWITCH and a PowerShell-based backdoor named SIMPLEFIX. COLDRIVER, also tracked as Star Blizzard,…