New Rust Malware “ChaosBot” Hides Command-and-Control Inside Discord
A sophisticated, Rust-based malware dubbed ChaosBot has been exposed utilizing the Discord platform for its Command and Control (C2) operations. This isn’t your average botnet;…
Month: October 2025
Brazilian “Caminho” Loader Uses Images In Malware Delivery
A newly identified loader dubbed “Caminho” (Portuguese for “path”) has emerged as a sophisticated Loader-as-a-Service platform that uses Least Significant Bit (LSB) steganography to conceal…
Threat Actors Compromise Xubuntu Website To Deliver Malicious Windows Executable
Threat actors infiltrated the official Xubuntu website, redirecting torrent downloads to a malicious ZIP file containing Windows-targeted malware. The incident, uncovered on October 18, 2025,…
Millions of Credentials Stolen Each Day by Stealer Malware
The cybercrime ecosystem surrounding stealer malware has reached unprecedented scale, with threat actors now processing millions of stolen credentials daily through sophisticated distribution networks. Security…
Life, death, and online identity: What happens to your online accounts after death?
The rapid technological advances of recent decades have transformed nearly every aspect of our lives. One major shift is that many of us now maintain…
Ransomware Targets VPNs, Microsoft 365 In APAC Surge
The Asia-Pacific (APAC) region is seeing a rapid surge in number of cyberattacks aimed at its enterprises’, a new report suggests. According to Barracuda’s SOC…
Russia-linked COLDRIVER speeds up malware evolution after LOSTKEYS exposure
Russia-linked COLDRIVER speeds up malware evolution after LOSTKEYS exposure Pierluigi Paganini October 22, 2025 Russia-linked COLDRIVER rapidly evolved its malware since May 2025, refining tools…
Hackers Exploited 34 Zero-Day Vulnerabilities And Earned $522,500 In Pwn2Own Ireland 2025
The first day of Pwn2Own Ireland 2025 wrapped up with a bang, as security researchers uncovered 34 unique zero-day vulnerabilities across various smart devices. Not…
For blind people, staying safe online means working around the tools designed to help
Blind and low-vision users face the same password challenges as everyone else, but the tools meant to make security easier often end up getting in…
Hidden “Glassworm” malware spreads through infected VS Code extensions
A new malware worm campaign has infected multiple Microsoft Visual Studio Code extensions using invisible Unicode characters to hide malicious code from both reviewers and…
New Salt Typhoon Attacks Leverage Zero-Days and DLL Sideloading
Salt Typhoon represents one of the most persistent and sophisticated cyber threats targeting global critical infrastructure today. Believed to be linked to state-sponsored actors from…
OpenFGA: The open-source engine redefining access control
OpenFGA is an open-source, high-performance, and flexible authorization engine inspired by Google’s Zanzibar system for relationship-based access control. It helps developers model and enforce fine-grained…