New PumaBot botnet brute forces SSH credentials to breach devices
A newly discovered Go-based Linux botnet malware named PumaBot is brute-forcing SSH credentials on embedded IoT devices to deploy malicious payloads. The targeted nature of PumaBot…
Category: Bleeping Computer
Interlock ransomware gang deploys new NodeSnake RAT on universities
The Interlock ransomware gang is deploying a previously undocumented remote access trojan (RAT) named NodeSnake against educational institutes for persistent access to corporate networks. QuorumCyber…
Dark Partners cybercrime gang fuels large-scale crypto heists
A sprawling network of fake AI, VPN, and crypto software download sites is being used by the “Dark Partner” threat actors to conduct a crypto…
Botnet hacks 9,000+ ASUS routers to add persistent SSH backdoor
Over 9,000 ASUS routers are compromised by a novel botnet dubbed “AyySSHush” that was also observed targeting SOHO routers from Cisco, D-Link, and Linksys. The…
Czechia blames China for Ministry of Foreign Affairs cyberattack
The Czech Republic says the Chinese-backed APT31 hacking group was behind cyberattacks targeting the country’s Ministry of Foreign Affairs and critical infrastructure organizations. “The malicious…
Microsoft introduces new Windows backup tool for businesses
Microsoft has introduced Windows Backup for Organizations, a new backup tool for enterprises that simplifies backups and makes the transition to Windows 11 easier. First…
Microsoft wants Windows to update all software on your PC
Microsoft has introduced a new update orchestration platform built on the existing Windows Update infrastructure, which aims to unify the updating system for all apps,…
Apple blocked over $9 billion in App Store fraud in five years
Apple says it blocked over $9 billion in fraudulent App Store transactions over the last five years, with over $2 billion in potentially fraudulent sanctions…
DragonForce ransomware abuses SimpleHelp in MSP supply chain attack
The DragonForce ransomware operation successfully breached a managed service provider and used its SimpleHelp remote monitoring and management (RMM) platform to steal data and deploy encryptors on…
DragonForce ransomware abuses MSP’s SimpleHelp RMM to encrypt customers
The DragonForce ransomware operation successfully breached a managed service provider and used its SimpleHelp remote monitoring and management (RMM) platform to steal data and deploy encryptors on…
Iranian pleads guilty to RobbinHood ransomware attacks, faces 30 years
An Iranian national has pleaded guilty to participating in the Robbinhood ransomware operation, which was used to breach the networks, steal data, and encrypt devices of U.S.…
Not Every CVE Deserves a Fire Drill: Focus on What’s Exploitable
More than 40,000 new vulnerabilities (CVEs) were published in 2024 alone. More than 60% of those were labeled “high” or “critical.” Sounds scary, sure, but…