MintsLoader Drops GhostWeaver via Phishing, ClickFix — Uses DGA, TLS for Stealth Attacks
May 02, 2025Ravie LakshmananMalware / Threat Intelligence The malware loader known as MintsLoader has been used to deliver a PowerShell-based...
Read more →Category: TheHackerNews
Microsoft Sets Passkeys Default for New Accounts; 15 Billion Users Gain Passwordless Support
May 02, 2025Ravie LakshmananPassword Security / Windows A year after Microsoft announced passkeys support for consumer accounts, the tech giant...
Read more →
Fake Security Plugin on WordPress Enables Remote Admin Access for Attackers
May 01, 2025Ravie LakshmananMalware / Web Skimming Cybersecurity researchers have shed light on a new campaign targeting WordPress sites that...
Read more →
Claude AI Exploited to Operate 100+ Fake Political Personas in Global Influence Campaign
May 01, 2025Ravie LakshmananArtificial Intelligence / Disinformation Artificial intelligence (AI) company Anthropic has revealed that unknown threat actors leveraged its...
Read more →
Why top SOC teams are shifting to Network Detection and Response
Security Operations Center (SOC) teams are facing a fundamentally new challenge — traditional cybersecurity tools are failing to detect advanced...
Read more →
DarkWatchman, Sheriff Malware Hit Russia and Ukraine with Stealth and Nation-Grade Tactics
Russian companies have been targeted as part of a large-scale phishing campaign that’s designed to deliver a known malware called...
Read more →
95% of AppSec Fixes Don’t Reduce Risk
For over a decade, application security teams have faced a brutal irony: the more advanced the detection tools became, the...
Read more →
Commvault Confirms Hackers Exploited CVE-2025-3928 as Zero-Day in Azure Breach
May 01, 2025Ravie LakshmananZero-Day / Threat Intelligence Enterprise data backup platform Commvault has revealed that an unknown nation-state threat actor...
Read more →
SonicWall Confirms Active Exploitation of Flaws Affecting Multiple Appliance Models
May 01, 2025Ravie LakshmananVulnerability / VPN Security SonicWall has revealed that two now-patched security flaws impacting its SMA100 Secure Mobile...
Read more →
Nebulous Mantis Targets NATO-Linked Entities with Multi-Stage Malware Attacks
Apr 30, 2025Ravie LakshmananThreat Intelligence / Malware Cybersecurity researchers have shed light on a Russian-speaking cyber espionage group called Nebulous...
Read more →
Researchers Demonstrate How MCP Prompt Injection Can Be Used for Both Attack and Defense
Apr 30, 2025Ravie LakshmananArtificial Intelligence / Email Security As the field of artificial intelligence (AI) continues to evolve at a...
Read more →
Chinese Hackers Abuse IPv6 SLAAC for AitM Attacks via Spellbinder Lateral Movement Tool
Apr 30, 2025Ravie LakshmananMalware / DNS Security A China-aligned advanced persistent threat (APT) group called TheWizards has been linked to...
Read more →