Kimwolf Botnet Hacked 2 Million Devices and Turned User’s Internet Connection as Proxy Node
A dangerous new malware called Kimwolf has quietly infected over 2 million devices around the world, forcing them to act as illegal proxy servers without…
Category: CyberSecurityNews
Critical GNU Wget2 Vulnerability Let Remote Attackers to Overwrite Sensitive Files
A critical security vulnerability has been discovered in GNU Wget2, a widely used command-line tool for downloading files from the web. `The flaw, tracked as…
Threat Group ‘Crimson Collective’ Allegedly Claim Breach of Largest Fiber Broadband Brightspeed
Brightspeed, one of America’s leading fiber broadband infrastructure providers, has become the latest victim of a significant cyberattack. The threat group known as Crimson Collective…
Eaton Vulnerabilities Let Attackers Execute Arbitrary Code On the Host System
A critical security advisory addressing multiple vulnerabilities discovered in the Eaton UPS Companion (EUC) software. These security flaws, if exploited, could allow attackers to execute…
AI-based Red Team Toolkit for Penetration Testing With Nmap and Metasploit
GHOSTCREW emerges as a game-changing open-source toolkit for red teamers and penetration testers. This AI-powered assistant leverages large language models, integrates the MCP protocol, and…
Threat Actor Allegedly Claim Leak of NordVPN Salesforce Database with Source Codes
A threat actor operating under the identifier 1011 has publicly claimed to have obtained and leaked sensitive data from NordVPN’s development infrastructure on a dark…
Multiple Vulnerabilities in QNAP Tools Let Attackers Obtain Secret Data
QNAP has patched multiple security vulnerabilities in its License Center application that could allow attackers to access sensitive information or disrupt services on affected NAS devices. The issues, tracked as CVE-2025-52871 and CVE-2025-53597, were…
Hackers Trapped in Resecurity’s Honeypot During Targeted Attack on Employee Network
Resecurity deploys synthetic data honeypots to outsmart threat actors, turning reconnaissance into actionable intelligence. A recent operation not only trapped an Egyptian-linked hacker but also…
VVS Stealer Uses PyArmor Obfuscation to Evade Static Analysis and Signature Detection
The cybersecurity landscape is witnessing a rise in sophisticated malware that leverages legitimate tools to mask malicious intent. A prime example is VVS Stealer (also…
Infostealers Enable Attackers to Hijack Legitimate Business Infrastructure for Malware Hosting
A dangerous cybercrime feedback loop has emerged where stolen credentials from infostealer malware enable attackers to hijack legitimate business websites and turn them into malware…
Finland Arrests Two Cargo Ship Crew Members Over Undersea Cable Damage
Finnish authorities have detained all 14 crew members of a cargo vessel suspected of deliberately damaging an undersea telecommunications cable connecting Helsinki to Estonia. The…
RondoDoX Botnet Weaponizing a Critical React2Shell Vulnerability to Deploy Malware
A sophisticated threat group has intensified its campaign against organizations by leveraging the latest vulnerabilities in web applications and Internet of Things (IoT) devices. The…