Malware & Threats Archives

SECURITYWEEK NETWORK:

ICS:

Connect with us

Hi, what are you looking for?

Malware & Threats

In Other News: Apple Patches Beats Eavesdropping Flaw, DOT Closes Delta CrowdStrike Probe, AWS Continuum

Other noteworthy stories that might have slipped under the radar: Android TV botnet Popa linked to Israeli firm, Velvet Ant maintained decade-long stealth, unpatched...

SecurityWeek News2 days ago

Malware & Threats

CryptoBandits Malware Doubles as a Backdoor, Abuses Tor

CryptoBandits uses a local SOCKS5 proxy for traffic routing, blending data theft with remote code execution.

Ionut Arghire2 days ago

Malware & Threats

FortiBleed: 86,000 Fortinet Device Credentials Compromised

The large-scale credential theft campaign hit roughly half of the internet-accessible Fortinet firewalls and VPNs.

Ionut Arghire2 days ago

Malware & Threats

15,000 WordPress Websites Cleaned Up in SocGholish Botnet Takedown

Law enforcement and private partners took down 106 SocGholish C&C servers and domains as part of Operation Endgame.

Ionut Arghire2 days ago

Malware & Threats

SimpleHelp Vulnerability Exploited Against Utility Billing Software Users

CISA warns that vulnerable SimpleHelp RMM instances have been exploited against a utility billing software provider’s customers.

Ionut ArghireJune 13, 2025

Government

Paragon ‘Graphite’ Spyware Linked to Zero-Click Hacks on Newest iPhones

Citizen Lab publishes forensic proof that spyware maker Paragon can compromise up-to-date iPhones. Journalists in Europe among victims.

Ryan NaraineJune 12, 2025

Malware & Threats

Recently Disrupted DanaBot Leaked Valuable Data for 3 Years

Investigators leveraged a vulnerability dubbed DanaBleed to obtain insights into the internal operations of the DanaBot botnet.

Eduard KovacsJune 11, 2025

Incident Response

Microsoft Patch Tuesday Covers WebDAV Flaw Marked as ‘Already Exploited’

Redmond warns that external control of a file name or path in WebDAV "allows an unauthorized attacker to execute code over a network."

Ryan NaraineJune 10, 2025

Incident Response

Chinese Espionage Crews Circle SentinelOne in Year-Long Reconnaissance Campaign

Anti-malware vendor said it spent the past twelve months deflecting a stream of network reconnaissance probes from China-nexus threat actors

Ryan NaraineJune 9, 2025

Malware & Threats

Mirai Botnets Exploiting Wazuh Security Platform Vulnerability

CVE-2025-24016, a critical remote code execution vulnerability affecting Wazuh servers, has been exploited by Mirai botnets.

Eduard KovacsJune 9, 2025

Malware & Threats

React Native Aria Packages Backdoored in Supply Chain Attack

A threat actor published backdoored versions of 17 NPM packages from GlueStack in a fresh supply chain attack.

Ionut ArghireJune 9, 2025

Malware & Threats

Malicious NPM Packages Disguised as Express Utilities Allow Attackers to Wipe Systems

Two malicious NPM packages contain code that would delete production systems when triggered with the right credentials.

Ionut ArghireJune 9, 2025

Malware & Threats

Destructive ‘PathWiper’ Targeting Ukraine’s Critical Infrastructure

A Russia-linked threat actor has used the destructive malware dubbed PathWiper against a critical infrastructure organization in Ukraine.

Ionut ArghireJune 6, 2025

Malware & Threats

Backdoored Open Source Malware Repositories Target Novice Cybercriminals

A threat actor has been creating backdoored open source malware repositories to target novice cybercriminals and game cheaters.

Ionut ArghireJune 5, 2025

Malware & Threats

ClickFix Attack Exploits Fake Cloudflare Turnstile to Deliver Malware

Researchers have discovered and analyzed a ClickFix attack that uses a fake Cloudflare ‘humanness’ check.

Kevin TownsendJune 5, 2025

ICS/OT

Ramnit Malware Infections Spike in OT as Evidence Suggests ICS Shift

Industrial giant Honeywell has published its 2025 Cybersecurity Threat Report with information on the latest trends.

Eduard KovacsJune 4, 2025

Malware & Threats

Microsoft, CrowdStrike Lead Effort to Map Threat Actor Names

Microsoft and CrowdStrike are running a project that aims to align threat actor names, and Google and Palo Alto Networks will also contribute.

Eduard KovacsJune 3, 2025

Cybercrime

Cryptojackers Caught Mining Monero via Exposed DevOps Infrastructure

Cryptocurrency mining operation hits exposed Consul dashboards, Docker Engine APIs and Gitea code-hosting instances to push Monero miner.

Ryan NaraineJune 2, 2025

Malware & Threats

Qualcomm Flags Exploitation of Adreno GPU Flaws, Urges OEMs to Patch Urgently

Chipmaker says there are indications from Google Threat Analysis Group that a trio of flaws “may be under limited, targeted exploitation.”

Ryan NaraineJune 2, 2025

Malware & Threats

In Other News: PoC for Fortinet Bug, AI Model Subverts Shutdown, RAT Source Code Leaked

Noteworthy stories that might have slipped under the radar: simple PoC code released for Fortinet zero-day, OpenAI O3 disobeys shutdown orders, source code of...

SecurityWeek NewsJune 2, 2025

Fraud & Identity Theft

Firebase, Google Apps Script Abused in Fresh Phishing Campaigns

Security researchers flag two phishing campaigns abusing Firebase and Google Apps Script to host malware and fake login pages.

Ionut ArghireMay 30, 2025

IoT Security

GreyNoise Flags 9,000 ASUS Routers Backdoored Via Patched Vulnerability

Professional hackers have built a network of ASUS routers that can survive firmware upgrades, factory reboots and most anti-malware scans.

Ryan NaraineMay 29, 2025

Artificial Intelligence

Vietnamese Hackers Distribute Malware via Fake AI-Themed Websites

Mandiant warns that a Vietnamese hacking group tracked as UNC6032 is distributing malware via fake AI video generator websites.

Ionut ArghireMay 28, 2025

Malware & Threats

Ongoing Campaign Uses 60 NPM Packages to Steal Data

Security firm Socket warns flags a campaign targeting NPM users with tens of malicious packages that can hijack system information.

Ionut ArghireMay 27, 2025

Page 12 of 311« First ‹ Previous 8 9 10 111213 14 15 16 Next ›Last »

Webinar: How Modern Breaches Bypass MFA and Evade Detection

June 17, 2026

Today’s attackers are no longer breaking in — they’re logging in. Join this live webinar as we break down the modern identity attack chain and examine how recent breaches exploited weaknesses in authentication, identity verification, and access management processes.

Webinar: Modern Exposure Validation in the AI Era

June 24, 2026

AI has accelerated both sides of the fight. Adversaries are weaponizing vulnerabilities faster, while defenders are racing to ship detections and configurations. Join this live webinar as we explore how to prove your controls actually hold against new threats, map your security maturity, and unite breach simulation with automated pentesting into a single, coordinated program.

SECURITYWEEK NETWORK:

ICS:

Malware & Threats

In Other News: Apple Patches Beats Eavesdropping Flaw, DOT Closes Delta CrowdStrike Probe, AWS Continuum

Malware & Threats

CryptoBandits Malware Doubles as a Backdoor, Abuses Tor

Malware & Threats

FortiBleed: 86,000 Fortinet Device Credentials Compromised

Malware & Threats

15,000 WordPress Websites Cleaned Up in SocGholish Botnet Takedown

Malware & Threats

SimpleHelp Vulnerability Exploited Against Utility Billing Software Users

Government

Paragon ‘Graphite’ Spyware Linked to Zero-Click Hacks on Newest iPhones

Malware & Threats

Recently Disrupted DanaBot Leaked Valuable Data for 3 Years

Incident Response

Microsoft Patch Tuesday Covers WebDAV Flaw Marked as ‘Already Exploited’

Incident Response

Chinese Espionage Crews Circle SentinelOne in Year-Long Reconnaissance Campaign

Malware & Threats

Mirai Botnets Exploiting Wazuh Security Platform Vulnerability

Malware & Threats

React Native Aria Packages Backdoored in Supply Chain Attack

Malware & Threats

Malicious NPM Packages Disguised as Express Utilities Allow Attackers to Wipe Systems

Malware & Threats

Destructive ‘PathWiper’ Targeting Ukraine’s Critical Infrastructure

Malware & Threats

Backdoored Open Source Malware Repositories Target Novice Cybercriminals

Malware & Threats

ClickFix Attack Exploits Fake Cloudflare Turnstile to Deliver Malware

ICS/OT

Ramnit Malware Infections Spike in OT as Evidence Suggests ICS Shift

Malware & Threats

Microsoft, CrowdStrike Lead Effort to Map Threat Actor Names

Cybercrime

Cryptojackers Caught Mining Monero via Exposed DevOps Infrastructure

Malware & Threats

Qualcomm Flags Exploitation of Adreno GPU Flaws, Urges OEMs to Patch Urgently

Malware & Threats

In Other News: PoC for Fortinet Bug, AI Model Subverts Shutdown, RAT Source Code Leaked

Fraud & Identity Theft

Firebase, Google Apps Script Abused in Fresh Phishing Campaigns

IoT Security

GreyNoise Flags 9,000 ASUS Routers Backdoored Via Patched Vulnerability

Artificial Intelligence

Vietnamese Hackers Distribute Malware via Fake AI-Themed Websites

Malware & Threats

Ongoing Campaign Uses 60 NPM Packages to Steal Data

Daily Briefing Newsletter

Trending

Webinar: How Modern Breaches Bypass MFA and Evade Detection

Webinar: Modern Exposure Validation in the AI Era

People on the move

Expert Insights

No Exploits Required

After AI Reaches Production: 12 Ways Security Teams Can Take Control

Everybody Is Vibe Coding But Nobody Told the Security Team

The Zero-Knowledge Threat Actor and the End of Responsible Disclosure

Raising the Cybersecurity Stakes: Ante up for the Agentic Era

Daily Briefing Newsletter