Red Teaming Tool Targets AI, Kubernetes, and API Vulnerabilities
Operant AI has announced the release of Woodpecker, an open-source automated red teaming engine designed to make advanced security testing accessible to organizations of all…
Month: May 2025
Advanced Detection Strategies for APT Campaigns in 2025 Networks
The cybersecurity landscape of 2025 has become a high-stakes battleground as Advanced Persistent Threat (APT) campaigns leverage artificial intelligence, zero-day exploits, and cloud vulnerabilities to…
Massive Botnet Targets ASUS Routers by Injecting Malicious SSH Keys
GreyNoise Research has publicly disclosed a sophisticated cyberattack campaign that has compromised over 9,000 ASUS routers worldwide. First detected by GreyNoise’s proprietary AI-powered analysis tool,…
New Botnet Hijacks 9,000 ASUS Routers & Enables SSH Access by Injecting Public Key
A sophisticated botnet campaign dubbed “AyySSHush” has compromised over 9,000 ASUS routers worldwide, establishing persistent backdoor access that survives firmware updates and reboots. The stealthy…
APT Hackers Turn Google Calendar Into Command Hub Using TOUGHPROGRESS Malware, Google Alerts
Google Threat Intelligence Group (GTIG), a sophisticated malware campaign dubbed “TOUGHPROGRESS” has been uncovered, orchestrated by the notorious PRC-based threat actor APT41, also known as…
Chinese APT41 Exploits Google Calendar for Malware Command-and-Control Operations
May 29, 2025Ravie LakshmananMalware / Cloud Security Google on Wednesday disclosed that the Chinese state-sponsored threat actor known as APT41 leveraged a malware called TOUGHPROGRESS…
New AyySSHush botnet compromised over 9,000 ASUS routers, adding a persistent SSH backdoor.
New AyySSHush botnet compromised over 9,000 ASUS routers, adding a persistent SSH backdoor. Pierluigi Paganini May 29, 2025 GreyNoise researchers warn of a new AyySSHush…
Mike Wilkes on Resilience Amid Evolving Threats
Mike Wilkes has had a career many cybersecurity professionals could only dream of. An adjunct professor, former CISO of Marvel and MLS, member of the…
OneDrive File Picker Vulnerability Exposes Users’ Entire Cloud Storage to Websites
A critical security flaw in Microsoft’s OneDrive File Picker has exposed millions of users to unauthorized data access, allowing third-party web applications to gain complete…
What CISOs can learn from the frontlines of fintech cybersecurity
At Span Cyber Security Arena, I sat down with Ria Shetty, Director, Cyber Security & Resilience for Europe at Mastercard. Our conversation cut through the…
Over 100,000 WordPress Sites at Risk from Critical CVSS 10.0 Vulnerability in Wishlist Plugin
May 29, 2025Ravie LakshmananVulnerability / Website Security Cybersecurity researchers have disclosed a critical unpatched security flaw impacting TI WooCommerce Wishlist plugin for WordPress that could…
A smarter way to plan: ending development delays for Australians
As Australia races to meet ambitious housing targets, a quiet crisis is playing out in council offices across the country. Council planning systems—often the bottleneck…