malicious

October 11, 2025

Chaosbot Using CiscoVPN and Active Directory Passwords for Network Commands

Adversaries have once again demonstrated that operational hours are irrelevant when mounting sophisticated cyberattacks. eSentire’s TRU team first observed suspicious…
Read More »
October 10, 2025

Gladinet CentreStack and Triofox 0-Day Flaw Under Active Attack

Gladinet CentreStack and Triofox have come under active attack as threat actors exploit an unauthenticated local file inclusion flaw (CVE-2025-11371).…
Read More »
October 9, 2025

GitLab Releases Security Update to Patch Multiple DoS-Enabling Vulnerabilities

GitLab has issued a critical security update to address several denial-of-service (DoS) vulnerabilities affecting both Community Edition (CE) and Enterprise…
Read More »
October 6, 2025

New ‘Fully Undetectable’ Android RAT Discovered on GitHub

Hosted at the repository “Huckel789/Android-RAT,” this fully undetectable (FUD) RAT is designed to evade antivirus detection permanently, maintain persistence in…
Read More »
October 6, 2025

Ransomware Gangs Exploit Remote Access Tools to Stay Hidden and Maintain Control

Modern ransomware operations have evolved far beyond simple opportunistic attacks into sophisticated, multi-stage campaigns that exploit legitimate Remote Access Tools…
Read More »
October 5, 2025

SideWinder Hacker Group Targets Users with Fake Outlook/Zimbra Portals to Steal Login Credentials

The notorious SideWinder APT group has intensified its credential harvesting operations across South Asia, deploying sophisticated phishing campaigns that target…
Read More »
October 5, 2025

New XWorm V6 Variant Embeds Malicious Code into Trusted Windows Applications

In the constantly evolving world of cyber threats, staying informed is not just an advantage; it’s a necessity. First observed…
Read More »
October 4, 2025

Threat Actors Pose as Government Officials to Attack Organizations with StallionRAT

In a recent wave of targeted phishing campaigns, the Cavalry Werewolf cluster has escalated its operations by impersonating government officials…
Read More »
October 4, 2025

New Android Spyware Targeting Users by Imitating Signal and ToTok Apps

ESET researchers have uncovered two sophisticated Android spyware campaigns that target users seeking secure communication platforms by impersonating popular messaging…
Read More »
October 3, 2025

Top 10 Best Supply Chain Risk Management Solutions in 2025

Best Supply Chain Risk Management Solutions In today’s globalized world, managing supply chain risks has become a top priority for…
Read More »
October 2, 2025

TOTOLINK X6000R Routers Hit by Three Vulnerabilities Allowing Remote Code Execution

Three critical security flaws were discovered in firmware version V9.4.0cu.1360_B20241207 of the TOTOLINK X6000R router released on March 28, 2025.…
Read More »
October 1, 2025

Ukraine Warns of Weaponized XLL Files Delivering CABINETRAT Malware via Zip Archives

Ukraine’s national cyber incident response team, CERT-UA, has issued an urgent warning about a new malware campaign that weaponizes Excel…
Read More »
October 1, 2025

Cisco IOS/IOS XE SNMP Vulnerabilities Exploited in Ongoing Attacks, Warns CISA

The Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning about critical vulnerabilities in Cisco’s IOS and IOS XE…
Read More »
September 30, 2025

Leveraging PowerShell to Create Scheduled Tasks and Deploy Final Payload

Patchwork, the advanced persistent threat (APT) actor also known as Dropping Elephant, Monsoon, and Hangover Group, has been observed deploying…
Read More »
September 29, 2025

New Spear-Phishing Attack Deploys DarkCloud Malware to Steal Keystrokes and Credentials

Adversaries don’t work 9–5 and neither do we. At eSentire, our 24/7 SOCs are staffed with elite threat hunters and…
Read More »
September 28, 2025

Unveiling LummaStealer’s Technical Details Through ML-Based Detection Approach

In early 2025, LummaStealer was in widespread use by cybercriminals targeting victims throughout the world in multiple industry verticals, including…
Read More »
September 27, 2025

New Botnet ‘Loader-as-a-Service’ Turns Home Routers and IoT into Mirai Farms

CloudSEK has uncovered a sophisticated Loader-as-a-Service botnet campaign spanning the last six months, leveraging exposed command-and-control logs to orchestrate attacks…
Read More »
September 27, 2025

Malware Gangs Enlist Covert North Korean IT Workers in Corporate Attacks

Malware operators aligned with North Korea have forged a sophisticated partnership with covert IT workers to target corporate organizations worldwide.…
Read More »
September 26, 2025

Top 10 Best AI Penetration Testing Companies In 2025

In 2025, AI penetration testing tools have become the backbone of modern cybersecurity strategies, offering automation, intelligence-driven reconnaissance, and vulnerability…
Read More »
September 26, 2025

Malicious MCP Server Discovered Stealing Sensitive Emails Using AI Agents

Enterprises everywhere are embracing MCP servers—tools that grant AI assistants “god-mode” permissions to send emails, run database queries, and automate…
Read More »

Previous page Next page