SessionReaper Exploits Erupt As Magento Sites Lag On Patching
Six weeks after Adobe shipped an emergency fix, attackers have begun weaponizing SessionReaper — and most Magento stores still stand exposed. Security firm Sansec’s forensics…
Category: DarkReading
U.S. Accuses Security Firm Official Of Trade Secrets Theft
The U.S. government has apparently charged a former cybersecurity company official with stealing trade secrets with the intention of selling them to a Russian buyer,…
WazirX To Resume Trading After 15-Month Cyberattack Halt
WazirX, one of India’s popular cryptocurrency exchanges, is set to restart its operations on October 24, nearly 15 months after a cyberattack forced the platform to halt…
CVE‑2025‑62518 RCE Flaw In Async-tar
A critical flaw has been identified in a Rust library that demands immediate attention from developers and IT decision-makers leveraging the Rust ecosystem. The vulnerability, tracked as CVE‑2025‑62518, exposes serious…
Microsoft Digital Defense Report 2025: Cybercrime Trends
The newly released Microsoft Digital Defense Report 2025 reveals new data on global cyber threats. According to the report, more than half of all cyberattacks with…
Vidar Stealer 2.0 Boosts Infostealer’s Theft And Evasion
Vidar Stealer 2.0 has been released, and the updated infostealer claims to offer improved performance with advanced credential stealing and evasion abilities, features that will…
How “Unseeable Prompt Injections” Threaten AI Agents
A new form of attack is targeting browsers with built-in AI assistants. Researchers at Brave have found that seemingly harmless screenshots and web pages can…
Cyberattack Disrupts Heywood Hospital And Athol Hospital
A cyberattack on hospitals in North Central Massachusetts has caused major operational disruptions at Heywood Hospital in Gardner and Athol Hospital, a smaller critical access…
Brazilian “Caminho” Loader Uses Images In Malware Delivery
A newly identified loader dubbed “Caminho” (Portuguese for “path”) has emerged as a sophisticated Loader-as-a-Service platform that uses Least Significant Bit (LSB) steganography to conceal…
Ransomware Targets VPNs, Microsoft 365 In APAC Surge
The Asia-Pacific (APAC) region is seeing a rapid surge in number of cyberattacks aimed at its enterprises’, a new report suggests. According to Barracuda’s SOC…
Lumma Stealer Slowed By Doxxing Campaign
The prolific threat actors behind the Lumma Stealer malware have been slowed by an underground doxxing campaign in recent months. Coordinated law enforcement action earlier…
COLDRIVER Unleashes New Malware After LOSTKEYS Exposure
Following the public disclosure of its LOSTKEYS malware in May 2025, the Russian state-sponsored threat group known as COLDRIVER, also tracked under aliases such as…