Cybersecurity News
-
Pi-hole Plugin Flaw Exposes Donor Names and Email Addresses in Data Breach
A Pi-hole donor has reported receiving spam email to an address created exclusively for their donation to the popular network-level ad blocker, raising concerns about a potential data breach affecting…
Read More » -
10 Best Dark Web Monitoring Tools in 2025
Choosing the right dark web monitoring tool is a critical decision for both individuals and organizations seeking to protect their digital assets and identity. With the dark web serving as…
Read More » -
New Undetectable Plague Malware Targeting Linux Servers for Persistent SSH Access
Security researchers have discovered a sophisticated Linux backdoor dubbed “Plague” that has remained undetected by all major antivirus engines despite multiple samples being uploaded to VirusTotal over the past year.…
Read More » -
Qilin Ransomware Affiliate Panel Login Credentials Exposed Online
A significant security breach within the Qilin ransomware operation has provided unprecedented insight into the group’s affiliate network structure and operational methods. On July 31, 2025, internal conflicts between the…
Read More » -
Akira Ransomware Exploits 0-Day Vulnerability in SonicWall Firewall Devices
Cybersecurity firm Arctic Wolf has identified a significant increase in ransomware attacks targeting SonicWall firewall devices in late July 2025, with evidence pointing to the exploitation of a previously unknown…
Read More » -
Qilin Ransomware Sees Surge After Collapse of Dominant RansomHub RaaS
The ransomware landscape underwent significant disruption, marked by the abrupt cessation of operations from several prominent Ransomware-as-a-Service (RaaS) groups, including RansomHub, Babuk-Bjorka, FunkSec, BianLian, 8Base, Cactus, Hunters International, and LockBit.…
Read More » -
SafePay Ransomware Strikes 260+ Victims Across Multiple Countries
The SafePay ransomware organization has quickly become a powerful operator since its initial detection in September 2024, marking a startling increase in the cyber threat scenario. Unlike predominant ransomware-as-a-service (RaaS)…
Read More » -
Microsoft Upgrades .NET Bounty Program, Offers Rewards Up to $40,000
Microsoft has announced significant enhancements to its .NET Bounty Program, introducing expanded coverage, streamlined award structures, and substantially increased financial incentives for security researchers. The updated program now offers maximum…
Read More » -
Unit 42 Launches Attribution Framework to Classify Threat Actors by Behavior and Activity
Unit 42, the threat research division of Palo Alto Networks, has unveiled its Attribution Framework, designed to transform the traditionally subjective process of threat actor attribution into a structured, evidence-based…
Read More » -
NOVABLIGHT Masquerades as Educational Tool to Steal Login Credentials and Compromise Crypto Wallets
A newly analyzed Malware-as-a-Service (MaaS) infostealer, NOVABLIGHT, has emerged as a significant cybersecurity threat, targeting unsuspecting users with advanced data theft capabilities. Developed and sold by the Sordeal Group, a…
Read More » -
Hackers Deploy Cobalt Strike Beacon Using GitHub and Social Media
A sophisticated cyberattack campaign disrupted the Russian IT industry and entities in several other countries, leveraging advanced evasion techniques to deploy the notorious Cobalt Strike Beacon. Attackers ingeniously concealed payload…
Read More » -
ChatGPT Agent Defeats Cloudflare’s ‘I Am Not a Robot’ Security Check
In a significant development that highlights both the advancing capabilities of AI and potential vulnerabilities in web security systems, a ChatGPT-powered agent has successfully bypassed Cloudflare’s widely-used “I am not…
Read More » -
Android Banking Malware Masquerades as Government Agencies to Attack Users
Cyble Research and Intelligence Labs (CRIL) has uncovered a sophisticated Android banking trojan dubbed RedHook, which disguises itself as legitimate applications from Vietnamese government and financial institutions to deceive users.…
Read More » -
Bulletproof Hosting Provider Powering Global Malware Campaigns
Security researchers may have discovered a reliable hosting company run by Qwins Ltd. that supports a broad range of international malware operations in a recent analysis resulting from standard follow-up…
Read More » -
Lionishackers Exfiltrate Sensitive Corporate Databases for Sale on the Dark Web
Outpost24’s threat intelligence researchers have uncovered the operations of Lionishackers, a financially motivated cyber threat actor specializing in the exfiltration and illicit sale of corporate databases. This group employs an…
Read More » -
ArmouryLoader Bypasses Security Protections to Inject Malicious Code
ArmouryLoader and other malicious code loaders have become essential tools for introducing Trojan-type payloads into hacked systems in the ever-changing world of cyberattacks. First identified in 2024, ArmouryLoader exploits the…
Read More » -
Stealing Login Credentials from 19 Major Browsers
A sophisticated new information stealer named SHUYAL was recently discovered by Hybrid Analysis. It has demonstrated extensive capabilities in credential extraction from 19 different web browsers, including popular ones like…
Read More »