Malware & Threats Archives

SECURITYWEEK NETWORK:

ICS:

Connect with us

Hi, what are you looking for?

Malware & Threats

In Other News: Apple Patches Beats Eavesdropping Flaw, DOT Closes Delta CrowdStrike Probe, AWS Continuum

Other noteworthy stories that might have slipped under the radar: Android TV botnet Popa linked to Israeli firm, Velvet Ant maintained decade-long stealth, unpatched...

SecurityWeek News2 days ago

Malware & Threats

CryptoBandits Malware Doubles as a Backdoor, Abuses Tor

CryptoBandits uses a local SOCKS5 proxy for traffic routing, blending data theft with remote code execution.

Ionut Arghire2 days ago

Malware & Threats

FortiBleed: 86,000 Fortinet Device Credentials Compromised

The large-scale credential theft campaign hit roughly half of the internet-accessible Fortinet firewalls and VPNs.

Ionut Arghire2 days ago

Malware & Threats

15,000 WordPress Websites Cleaned Up in SocGholish Botnet Takedown

Law enforcement and private partners took down 106 SocGholish C&C servers and domains as part of Operation Endgame.

Ionut Arghire2 days ago

Malware & Threats

Companies Warned of Commvault Vulnerability Exploitation

CISA warns companies of a widespread campaign targeting a Commvault vulnerability to hack Azure environments.

Ionut ArghireMay 23, 2025

Malware & Threats

Cityworks Zero-Day Exploited by Chinese Hackers in US Local Government Attacks

A Chinese threat actor exploited a zero-day vulnerability in Trimble Cityworks to hack local government entities in the US.

Ionut ArghireMay 23, 2025

Malware & Threats

DanaBot Botnet Disrupted, 16 Suspects Charged

The DanaBot botnet ensnared over 300,000 devices and caused more than $50 million in damages before being disrupted.

Eduard KovacsMay 23, 2025

Malware & Threats

Chinese Spies Exploit Ivanti Vulnerabilities Against Critical Sectors

A Chinese espionage group has been chaining two recent Ivanti EPMM vulnerabilities in attacks against organizations in multiple critical sectors.

Ionut ArghireMay 23, 2025

Malware & Threats

CISA Says Russian Hackers Targeting Western Supply-Lines to Ukraine

Russian military intelligence hackers intensify targeting of Western logistics and technology companies moving supplies into Ukraine.

Ryan NaraineMay 21, 2025

Malware & Threats

Microsoft Sinkholes Domains, Disrupts Notorious ‘Lumma Stealer’ Malware Operation

Redmond’s threat hunters found 394,000 Windows systems talking to Lumma controllers, a victim pool that included global manufacturers.

Ryan NaraineMay 21, 2025

Malware & Threats

Printer Company Procolored Served Infected Software for Months

Procolored’s public website served dozens of software downloads containing information stealer malware and a backdoor.

Ionut ArghireMay 19, 2025

Malware & Threats

Ransomware Groups, Chinese APTs Exploit Recent SAP NetWeaver Flaws

Two ransomware groups and several Chinese APTs have been exploiting two recent SAP NetWeaver vulnerabilities.

Ionut ArghireMay 15, 2025

Malware & Threats

Google Ships Android ‘Advanced Protection’ Mode to Thwart Surveillance Spyware

Google bundles multiple safeguards under a single Android toggle to protect high-risk users from advanced mobile malware implants.

Ryan NaraineMay 14, 2025

Malware & Threats

Zero-Day Attacks Highlight Another Busy Microsoft Patch Tuesday

Patch Tuesday: Microsoft patches at least 70 security bugs and flagged five zero-days in the “exploitation detected” category.

Ryan NaraineMay 13, 2025

Malware & Threats

Popular Scraping Tool’s NPM Package Compromised in Supply Chain Attack

Supply chain attack compromises the popular rand-user-agent NPM package to deploy and activate a backdoor.

Ionut ArghireMay 9, 2025

Malware & Threats

Malicious NPM Packages Target Cursor AI’s macOS Users

Three NPM packages posing as developer tools for Cursor AI code editor’s macOS version contain a backdoor.

Ionut ArghireMay 9, 2025

Malware & Threats

Russia-Linked APT Star Blizzard Uses ClickFix to Deploy New LostKeys Malware, Google Warns

Russia-linked APT Star Blizzard is using the ClickFix technique in recent attacks distributing the LostKeys malware.

Ionut ArghireMay 8, 2025

Malware & Threats

Spyware Maker NSO Ordered to Pay $167 Million Over WhatsApp Hack

Meta has won its WhatsApp hacking lawsuit against Israeli spyware company NSO Group in an “important step forward for privacy and security”.

Eduard KovacsMay 7, 2025

Malware & Threats

In Other News: NullPoint Source Code Leak, $17,500 for iPhone Flaw, BreachForums Down

Noteworthy stories that might have slipped under the radar: NullPoint Stealer source code leaked, researcher earns $17,500 from Apple for vulnerability, BreachForums down after...

SecurityWeek NewsMay 2, 2025

Malware & Threats

Chinese APT’s Adversary-in-the-Middle Tool Dissected

ESET has analyzed Spellbinder, the IPv6 SLAAC spoofing tool Chinese APT TheWizards uses to deploy its WizardNet backdoor.

Ionut ArghireMay 1, 2025

Data Breaches

Verizon DBIR Flags Major Patch Delays on VPNs, Edge Appliances

The latest Verizon DBIR landed this week with a startling statistic about the security posture of VPNs and network edge devices.

Ryan NaraineApril 24, 2025

Malware & Threats

Many Malware Campaigns Linked to Proton66 Network

Security researchers detail various malware campaigns that use bulletproof services linked to Proton66 ASN.

Ionut ArghireApril 22, 2025

Fraud & Identity Theft

North Korean Cryptocurrency Thieves Caught Hijacking Zoom ‘Remote Control’ Feature

North Korean cryptocurrency thieves abusing Zoom Remote collaboration feature to target cryptocurrency traders with malware.

Ryan NaraineApril 21, 2025

Malware & Threats

MITRE Hackers’ Backdoor Has Targeted Windows for Years

Windows versions of the BrickStorm backdoor that the Chinese APT used in the MITRE hack last year have been active for years.

Ionut ArghireApril 17, 2025

Page 13 of 311« First ‹ Previous 9 10 11 121314 15 16 17 Next ›Last »

Webinar: How Modern Breaches Bypass MFA and Evade Detection

June 17, 2026

Today’s attackers are no longer breaking in — they’re logging in. Join this live webinar as we break down the modern identity attack chain and examine how recent breaches exploited weaknesses in authentication, identity verification, and access management processes.

Webinar: Modern Exposure Validation in the AI Era

June 24, 2026

AI has accelerated both sides of the fight. Adversaries are weaponizing vulnerabilities faster, while defenders are racing to ship detections and configurations. Join this live webinar as we explore how to prove your controls actually hold against new threats, map your security maturity, and unite breach simulation with automated pentesting into a single, coordinated program.

SECURITYWEEK NETWORK:

ICS:

Malware & Threats

In Other News: Apple Patches Beats Eavesdropping Flaw, DOT Closes Delta CrowdStrike Probe, AWS Continuum

Malware & Threats

CryptoBandits Malware Doubles as a Backdoor, Abuses Tor

Malware & Threats

FortiBleed: 86,000 Fortinet Device Credentials Compromised

Malware & Threats

15,000 WordPress Websites Cleaned Up in SocGholish Botnet Takedown

Malware & Threats

Companies Warned of Commvault Vulnerability Exploitation

Malware & Threats

Cityworks Zero-Day Exploited by Chinese Hackers in US Local Government Attacks

Malware & Threats

DanaBot Botnet Disrupted, 16 Suspects Charged

Malware & Threats

Chinese Spies Exploit Ivanti Vulnerabilities Against Critical Sectors

Malware & Threats

CISA Says Russian Hackers Targeting Western Supply-Lines to Ukraine

Malware & Threats

Microsoft Sinkholes Domains, Disrupts Notorious ‘Lumma Stealer’ Malware Operation

Malware & Threats

Printer Company Procolored Served Infected Software for Months

Malware & Threats

Ransomware Groups, Chinese APTs Exploit Recent SAP NetWeaver Flaws

Malware & Threats

Google Ships Android ‘Advanced Protection’ Mode to Thwart Surveillance Spyware

Malware & Threats

Zero-Day Attacks Highlight Another Busy Microsoft Patch Tuesday

Malware & Threats

Popular Scraping Tool’s NPM Package Compromised in Supply Chain Attack

Malware & Threats

Malicious NPM Packages Target Cursor AI’s macOS Users

Malware & Threats

Russia-Linked APT Star Blizzard Uses ClickFix to Deploy New LostKeys Malware, Google Warns

Malware & Threats

Spyware Maker NSO Ordered to Pay $167 Million Over WhatsApp Hack

Malware & Threats

In Other News: NullPoint Source Code Leak, $17,500 for iPhone Flaw, BreachForums Down

Malware & Threats

Chinese APT’s Adversary-in-the-Middle Tool Dissected

Data Breaches

Verizon DBIR Flags Major Patch Delays on VPNs, Edge Appliances

Malware & Threats

Many Malware Campaigns Linked to Proton66 Network

Fraud & Identity Theft

North Korean Cryptocurrency Thieves Caught Hijacking Zoom ‘Remote Control’ Feature

Malware & Threats

MITRE Hackers’ Backdoor Has Targeted Windows for Years

Daily Briefing Newsletter

Trending

Webinar: How Modern Breaches Bypass MFA and Evade Detection

Webinar: Modern Exposure Validation in the AI Era

People on the move

Expert Insights

No Exploits Required

After AI Reaches Production: 12 Ways Security Teams Can Take Control

Everybody Is Vibe Coding But Nobody Told the Security Team

The Zero-Knowledge Threat Actor and the End of Responsible Disclosure

Raising the Cybersecurity Stakes: Ante up for the Agentic Era

Daily Briefing Newsletter