H2Miner Attacking Linux, Windows, and Containers to Mine Monero
The H2Miner botnet, first observed in late 2019, has resurfaced with an expanded arsenal that blurs the line between cryptojacking and ransomware. The latest campaign…
Researchers have uncovered critical security vulnerabilities affecting millions of computer servers and routers worldwide, stemming from the insecure implementation of fundamental internet tunneling protocols. The…
Emerging in mid-2023 as an apparent successor to Meiya Pico’s notorious MFSocket, the newly identified Android application Massistant has begun surfacing on confiscated handsets at…
An Armenian national has been extradited from Ukraine to the United States to face federal charges for his alleged involvement in a series of Ryuk…
A sophisticated espionage campaign targeting multiple Asian jurisdictions has emerged, utilizing weaponized shortcut files and deceptive social engineering techniques to infiltrate high-value targets across China,…
Co-op has confirmed that all 6.5 million members of the UK retail cooperative had their personal data compromised during a sophisticated cyberattack in April. The…
NVIDIA has released critical security updates addressing two significant vulnerabilities in its Container Toolkit and GPU Operator that could allow attackers to execute arbitrary code…
A critical Remote Code Execution (RCE) vulnerability in Oracle Cloud Infrastructure (OCI) Code Editor that allowed attackers to silently hijack victim Cloud Shell environments through…
A highly sophisticated malware campaign is targeting Microsoft Exchange servers in government and high-tech organizations across Asia. The malware, dubbed GhostContainer, exploits known N-day vulnerabilities to…
A newly disclosed remote code execution (RCE) vulnerability in Microsoft SharePoint has been identified, affecting the deserialization process of WebPart properties. The vulnerability enables attackers…
Researchers detected active exploitation of CVE-2025-5777, dubbed CitrixBleed 2, nearly two weeks before a public proof-of-concept surfaced. This memory overread vulnerability in Citrix NetScaler…
A coordinated international cybercrime operation successfully dismantled the pro-Russian hacking network NoName057(16), taking down over 100 servers worldwide and disrupting its central attack infrastructure. The…