Researchers Warn RondoDox Botnet is Weaponizing Over 50 Flaws Across 30+ Vendors
Malware campaigns distributing the RondoDox botnet have expanded their targeting focus to exploit more than 50 vulnerabilities across over 30...
Read more →Category: TheHackerNews
Astaroth Banking Trojan Abuses GitHub to Remain Operational After Takedowns
Oct 13, 2025Ravie LakshmananMalware / Financial Security Cybersecurity researchers are calling attention to a new campaign that delivers the Astaroth...
Read more →
New Rust-Based Malware “ChaosBot” Uses Discord Channels to Control Victims’ PCs
Oct 13, 2025Ravie LakshmananRansomware / Windows Security Cybersecurity researchers have disclosed details of a new Rust-based backdoor called ChaosBot that...
Read more →
New Oracle E-Business Suite Bug Could Let Hackers Access Data Without Login
Oct 12, 2025Ravie LakshmananVulnerability / Threat Intelligence Oracle on Saturday issued a security alert warning of a fresh security flaw...
Read more →
Experts Warn of Widespread SonicWall VPN Compromise Impacting Over 100 Accounts
Oct 11, 2025Ravie LakshmananCloud Security / Network Security Cybersecurity company Huntress on Friday warned of “widespread compromise” of SonicWall SSL...
Read more →
Hackers Turn Velociraptor DFIR Tool Into Weapon in LockBit Ransomware Attacks
Oct 11, 2025Ravie LakshmananNetwork Security / Vulnerability Threat actors are abusing Velociraptor, an open-source digital forensics and incident response (DFIR)...
Read more →
Microsoft Warns of ‘Payroll Pirates’ Hijacking HR SaaS Accounts to Steal Employee Salaries
Oct 10, 2025Ravie LakshmananSaaS Security / Threat Intelligence A threat actor known as Storm-2657 has been observed hijacking employee accounts...
Read more →
Stealit Malware Abuses Node.js Single Executable Feature via Game and VPN Installers
Oct 10, 2025Ravie LakshmananRansomware / Data Theft Cybersecurity researchers have disclosed details of an active malware campaign called Stealit that...
Read more →
175 Malicious npm Packages with 26,000 Downloads Used in Credential Phishing Campaign
Oct 10, 2025Ravie LakshmananCybercrime / Malware Cybersecurity researchers have flagged a new set of 175 malicious packages on the npm...
Read more →
Fortra Reveals Full Timeline of CVE-2025-10035 Exploitation
Oct 10, 2025Ravie LakshmananVulnerability / Network Security Fortra on Thursday revealed the results of its investigation into CVE-2025-10035, a critical...
Read more →
What Sets Top-Tier Platforms Apart?
The SOC of 2026 will no longer be a human-only battlefield. As organizations scale and threats evolve in sophistication and...
Read more →
Active Exploitation Detected in Gladinet and TrioFox Vulnerability
Oct 10, 2025Ravie LakshmananVulnerability / Zero-Day Cybersecurity company Huntress said it has observed active in-the-wild exploitation of an unpatched security...
Read more →