UAC-0226 Deploys GIFTEDCROOK Stealer via Malicious Excel Files Targeting Ukraine
The Computer Emergency Response Team of Ukraine (CERT-UA) has revealed a new set of cyber attacks targeting Ukrainian institutions with...
CISA Adds CrushFTP Vulnerability to KEV Catalog Following Confirmed Active Exploitation
Apr 08, 2025Ravie LakshmananCyber Attack / Vulnerability A recently disclosed critical security flaw impacting CrushFTP has been added by the...
Google Releases Android Update to Patch Two Actively Exploited Vulnerabilities
Apr 08, 2025Ravie LakshmananMobile Security / Vulnerability Google has shipped patches for 62 vulnerabilities, two of which it said have...
CISA and FBI Warn Fast Flux is Powering Resilient Malware, C2, and Phishing Networks
Apr 07, 2025Ravie LakshmananMalware / Network Security Cybersecurity agencies from Australia, Canada, New Zealand, and the United States have published...
⚡ Weekly Recap: VPN Exploits, Oracle’s Silent Breach, ClickFix Comeback and More
Apr 07, 2025Ravie LakshmananThreat Intelligence / Cybersecurity Today, every unpatched system, leaked password, and overlooked plugin is a doorway for...
Security Theater: Vanity Metrics Keep You Busy – and Exposed
Apr 07, 2025The Hacker NewsAttack Surface Management After more than 25 years of mitigating risks, ensuring compliance, and building robust...
PoisonSeed Exploits CRM Accounts to Launch Cryptocurrency Seed Phrase Poisoning Attacks
Apr 07, 2025Ravie LakshmananCloud Security / Cryptocurrency A malicious campaign dubbed PoisonSeed is leveraging compromised credentials associated with customer relationship...
Microsoft Credits EncryptHub, Hacker Behind 618+ Breaches, for Disclosing Windows Flaws
A likely lone wolf actor behind the EncryptHub persona was acknowledged by Microsoft for discovering and reporting two security flaws...
North Korean Hackers Deploy BeaverTail Malware via 11 Malicious npm Packages
Apr 05, 2025Ravie LakshmananMalware / Supply Chain Attack The North Korean threat actors behind the ongoing Contagious Interview campaign are...
Malicious Python Packages on PyPI Downloaded 39,000+ Times, Steal Sensitive Data
Apr 05, 2025Ravie LakshmananMalware / Supply Chain Attack Cybersecurity researchers have uncovered malicious libraries in the Python Package Index (PyPI)...
