Malware & Threats Archives

SECURITYWEEK NETWORK:

ICS:

Connect with us

Hi, what are you looking for?

Malware & Threats

Medusa Ransomware Uses Malicious Driver to Disable Security Tools

The Medusa ransomware relies on a malicious Windows driver to disable the security tools running on the infected systems.

Ionut Arghire11 hours ago

Malware & Threats

300 Malicious ‘Vapor’ Apps Hosted on Google Play Had 60 Million Downloads

Over 300 malicious applications displaying intrusive full-screen interstitial video ads amassed more than 60 million downloads on Google Play.

Ionut Arghire5 days ago

Malware & Threats

Chinese Hacking Group MirrorFace Targeting Europe

Chinese hacking group MirrorFace has targeted a Central European diplomatic institute with the Anel backdoor and AsyncRAT.

Ionut Arghire5 days ago

Malware & Threats

Microsoft Warns of New StilachiRAT Malware

Microsoft has shared details on StilachiRAT, an evasive and persistent piece of malware that facilitates sensitive data theft.

Eduard Kovacs6 days ago

Malware & Threats

11 State-Sponsored APTs Exploiting LNK Files for Espionage, Data Theft

ZDI has uncovered 1,000 malicious .lnk files used by state-sponsored and cybercrime threat actors to execute malicious commands.

Eduard Kovacs6 days ago

Malware & Threats

Exploit Code for Apache Tomcat RCE Vulnerability Published on Chinese Forum

Exploits swirling for remote code execution vulnerability (CVE-2025-24813) in open-source Apache Tomcat web server.

Ryan NaraineMarch 17, 2025

Malware & Threats

Juniper Warns of Mirai Botnet Targeting Session Smart Routers

Juniper Networks says a Mirai botnet is ensnaring session smart router devices that are using default passwords.

Ionut ArghireDecember 19, 2024

Malware & Threats

FBI Warns of HiatusRAT Attacks on Cameras, DVR Systems

FBI says HiatusRAT’s operators were seen scanning for web cameras and DVR systems affected by years-old vulnerabilities.

Ionut ArghireDecember 17, 2024

Government

Android Zero-Day Exploited in Spyware Campaigns, Amnesty International Points to Cellebrite

Israeli forensics firm Cellebrite has been linked to an Android zero-day used to secretly install spyware on Serbian journalists' phones.

Ryan NaraineDecember 16, 2024

Malware & Threats

Undocumented DrayTek Vulnerabilities Exploited to Hack Hundreds of Orgs

Undocumented vulnerabilities in DrayTek devices were exploited in ransomware campaigns that compromised over 300 organizations.

Ionut ArghireDecember 16, 2024

Malware & Threats

Germany Sinkholes Botnet of 30,000 BadBox-Infected Devices

Germany’s cybersecurity agency BSI has sinkholed a botnet of 30,000 devices shipped with BadBox malware pre-installed.

Ionut ArghireDecember 13, 2024

ICS/OT

Iranian Hackers Use IOCONTROL Malware to Target OT, IoT Devices in US, Israel

The Iranian threat group CyberAv3ngers has used custom-built malware named IOCONTROL to target IoT and OT devices in the US and Israel.

Eduard KovacsDecember 13, 2024

Malware & Threats

Mobile Surveillance Tool EagleMsgSpy Used by Chinese Law Enforcement

Lookout details EagleMsgSpy, a surveillance tool used by Chinese law enforcement to collect data from Android devices.

Ionut ArghireDecember 12, 2024

Malware & Threats

Cleo Patches Exploited Flaw as Security Firms Detail Malware Pushed in Attacks

Cleo has released patches for the exploited vulnerability and security firms have detailed the malware delivered in attacks.

Eduard KovacsDecember 12, 2024

Malware & Threats

No Doughnuts Today? Cyberattack Puts Krispy Kreme in a Sticky Situation

The doughnut and coffeehouse chain confirmed a cyberattack took out parts of its online ordering system in parts of the United States.

SecurityWeek NewsDecember 11, 2024

Malware & Threats

Google Pays $55,000 for High-Severity Chrome Browser Bug

Google pushes out major Chrome browser updates to fix multiple serious security defects.

Ionut ArghireDecember 11, 2024

Malware & Threats

Microsoft Ships Urgent Patch for Exploited Windows CLFS Zero-Day

Patch Tuesday: Redmond patches 71 security flaws and calls immediate attention to an exploited Windows zero-day reported by CrowdStrike.

Ryan NaraineDecember 10, 2024

Malware & Threats

Critical OpenWrt Flaw Exposes Firmware Update Server to Exploitation

The CVE-2024-54143 vulnerability affects the OpenWrt sysupgrade server and exposes users to risks of installing malicious firmware images.

Ryan NaraineDecember 9, 2024

Page 7 of 494« First ‹ Previous 3 4 5 678 9 10 11 Next ›Last »

SECURITYWEEK NETWORK:

ICS:

Malware & Threats

Medusa Ransomware Uses Malicious Driver to Disable Security Tools

Malware & Threats

300 Malicious ‘Vapor’ Apps Hosted on Google Play Had 60 Million Downloads

Malware & Threats

Chinese Hacking Group MirrorFace Targeting Europe

Malware & Threats

Microsoft Warns of New StilachiRAT Malware

Malware & Threats

11 State-Sponsored APTs Exploiting LNK Files for Espionage, Data Theft

Malware & Threats

Exploit Code for Apache Tomcat RCE Vulnerability Published on Chinese Forum

Malware & Threats

Juniper Warns of Mirai Botnet Targeting Session Smart Routers

Malware & Threats

FBI Warns of HiatusRAT Attacks on Cameras, DVR Systems

Government

Android Zero-Day Exploited in Spyware Campaigns, Amnesty International Points to Cellebrite

Malware & Threats

Undocumented DrayTek Vulnerabilities Exploited to Hack Hundreds of Orgs

Malware & Threats

Germany Sinkholes Botnet of 30,000 BadBox-Infected Devices

ICS/OT

Iranian Hackers Use IOCONTROL Malware to Target OT, IoT Devices in US, Israel

Malware & Threats

Mobile Surveillance Tool EagleMsgSpy Used by Chinese Law Enforcement

Malware & Threats

Cleo Patches Exploited Flaw as Security Firms Detail Malware Pushed in Attacks

Malware & Threats

No Doughnuts Today? Cyberattack Puts Krispy Kreme in a Sticky Situation

Malware & Threats

Google Pays $55,000 for High-Severity Chrome Browser Bug

Malware & Threats

Microsoft Ships Urgent Patch for Exploited Windows CLFS Zero-Day

Malware & Threats

Critical OpenWrt Flaw Exposes Firmware Update Server to Exploitation

Featured

Government

Despite Rip-and-Replace Efforts, FCC Suspects Banned Chinese Telecom Providers Still Active in US

Supply Chain Security

Impact, Root Cause of GitHub Actions Supply Chain Hack Revealed

Mobile & Wireless

Paragon Spyware Attacks Exploited WhatsApp Zero-Day

Cloud Security

What’s Behind Google’s $32 Billion Wiz Acquisition?

Phishing

Scareware Combined With Phishing in Attacks Targeting macOS Users

Funding/M&A

Google to Acquire Cloud Security Giant Wiz for $32 Billion in Cash

Artificial Intelligence

ChatGPT Tool Vulnerability Exploited Against US Government Organizations

Latest News

Government

NIST Still Struggling to Clear Vulnerability Submissions Backlog in NVD

Cloud Security

Oracle Denies Cloud Breach After Hacker Offers to Sell Data

Vulnerabilities

Russian Firm Offers $4 Million for Telegram Exploits

Security Architecture

Webinar Tomorrow: Which Security Testing Approach is Right for You?

Government

US Lifts Sanctions Against Crypto Mixer Tornado Cash

Data Protection

NetSfere Launches Quantum-Resilient Messaging Platform for Enterprise and Government Use

Ransomware

Albabat Ransomware Expands Targets, Abuses GitHub

Daily Briefing Newsletter