Ukrainian Network FDN3 Launches Massive Brute-Force Attacks on SSL VPN and RDP Devices
Cybersecurity researchers have flagged a Ukrainian IP network for engaging in massive brute-force and password spraying campaigns targeting SSL VPN...
Read more →Category: TheHackerNews
Silver Fox Exploits Microsoft-Signed WatchDog Driver to Deploy ValleyRAT Malware
The threat actor known as Silver Fox has been attributed to abuse of a previously unknown vulnerable driver associated with...
Read more →
Malicious npm Package nodejs-smtp Mimics Nodemailer, Targets Atomic and Exodus Wallets
Sep 02, 2025Ravie LakshmananCryptocurrency / Malware Cybersecurity researchers have discovered a malicious npm package that comes with stealthy features to...
Read more →
Android Droppers Now Deliver SMS Stealers and Spyware, Not Just Banking Trojans
Sep 01, 2025Ravie LakshmananMobile Security / Malvertising Cybersecurity researchers are calling attention to a new shift in the Android malware...
Read more →
Rethinking Security for Scattered Spider
As enterprises continue to shift their operations to the browser, security teams face a growing set of cyber challenges. In...
Read more →
ScarCruft Uses RokRAT Malware in Operation HanKook Phantom Targeting South Korean Academics
Cybersecurity researchers have discovered a new phishing campaign undertaken by the North Korea-linked hacking group called ScarCruft (aka APT37) to...
Read more →
Attackers Abuse Velociraptor Forensic Tool to Deploy Visual Studio Code for C2 Tunneling
Cybersecurity researchers have called attention to a cyber attack in which unknown threat actors deployed an open-source endpoint monitoring and...
Read more →
WhatsApp Issues Emergency Update for Zero-Click Exploit Targeting iOS and macOS Devices
Aug 30, 2025Ravie LakshmananZero-Day / Vulnerability WhatsApp has addressed a security vulnerability in its messaging apps for Apple iOS and...
Read more →
Researchers Warn of Sitecore Exploit Chain Linking Cache Poisoning and Remote Code Execution
Aug 29, 2025Ravie LakshmananVulnerability / Web Security Three new security vulnerabilities have been disclosed in the Sitecore Experience Platform that...
Read more →
Abandoned Sogou Zhuyin Update Server Hijacked, Weaponized in Taiwan Espionage Campaign
An abandoned update server associated with input method editor (IME) software Sogou Zhuyin was leveraged by threat actors as part...
Read more →
Amazon Disrupts APT29 Watering Hole Campaign Abusing Microsoft Device Code Authentication
Aug 29, 2025Ravie LakshmananThreat Intelligence / Malware Amazon on Friday said it flagged and disrupted what it described as an...
Read more →
Can Your Security Stack See ChatGPT? Why Network Visibility Matters
Aug 29, 2025The Hacker NewsEnterprise Security / Artificial Intelligence Generative AI platforms like ChatGPT, Gemini, Copilot, and Claude are increasingly...
Read more →