CISA Reports PRC Hackers Using BRICKSTORM for Long-Term Access in U.S. Systems
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday released details of a backdoor named BRICKSTORM that has been...
Hacking
Category Added in a WPeMatico Campaign
JPCERT Confirms Active Command Injection Attacks on Array AG Gateways
Dec 05, 2025Ravie LakshmananVulnerability / Network Security A command injection vulnerability in Array Networks AG Series secure access gateways has...
Silver Fox Uses Fake Microsoft Teams Installer to Spread ValleyRAT Malware in China
The threat actor known as Silver Fox has been spotted orchestrating a false flag operation to mimic a Russian threat...
ThreatsDay Bulletin: Wi-Fi Hack, npm Worm, DeFi Theft, Phishing Blasts— and 15 More Stories
Dec 04, 2025Ravie LakshmananCybersecurity / Hacking News Think your Wi-Fi is safe? Your coding tools? Or even your favorite financial...
![5 Threats That Reshaped Web Security This Year [2025]](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjQ51hMVtHfFQ2O7pCZYfK5WkypXg1Qury_AA_VudY5f_n7u8S8M4UJAy76w7DM1aBq1faDyuaOO4VJP7bIj1L1-AgNzZjQf0-kZlhU6kH-G4qDMkZFF_7YsL3v5R6d9PkpJcTegD7H01BySWNNs-m5toA_DTqVSVs-sCeLm5n1zJuLzs1_erWdl8asq4k/s790-rw-e365/reflectiz.jpg)
5 Threats That Reshaped Web Security This Year [2025]
As 2025 draws to a close, security professionals face a sobering realization: the traditional playbook for web security has become...
GoldFactory Hits Southeast Asia with Modified Banking Apps Driving 11,000+ Infections
Cybercriminals associated with a financially motivated group known as GoldFactory have been observed staging a fresh round of attacks targeting...
Record 29.7 Tbps DDoS Attack Linked to AISURU Botnet with up to 4 Million Infected Hosts
Dec 04, 2025Ravie LakshmananDDoS Attacks / Network Security Cloudflare on Wednesday said it detected and mitigated the largest ever distributed...
Critical RSC Bugs in React and Next.js Allow Unauthenticated Remote Code Execution
Dec 03, 2025Ravie LakshmananVulnerability / Cloud Security A maximum-severity security flaw has been disclosed in React Server Components (RSC) that,...
Discover the AI Tools Fueling the Next Cybercrime Wave — Watch the Webinar
Dec 03, 2025The Hacker NewsCybercrime / Artificial Intelligence Remember when phishing emails were easy to spot? Bad grammar, weird formatting,...
Chopping AI Down to Size: Turning Disruptive Technology into a Strategic Advantage
Most people know the story of Paul Bunyan. A giant lumberjack, a trusted axe, and a challenge from a machine...
Picklescan Bugs Allow Malicious PyTorch Models to Evade Scans and Execute Code
Dec 03, 2025Ravie LakshmananMachine Learning / Vulnerability Three critical security flaws have been disclosed in an open-source utility called Picklescan...
Malicious Rust Crate Delivers OS-Specific Malware to Web3 Developer Systems
Dec 03, 2025Ravie LakshmananMalware / Web3 Security Cybersecurity researchers have discovered a malicious Rust package that's capable of targeting Windows,...
India Orders Messaging Apps to Work Only With Active SIM Cards to Prevent Fraud and Misuse
Dec 02, 2025Ravie LakshmananRegulatory Compliance / Online Safety India's Department of Telecommunications (DoT) has issued directions to app-based communication service...
Researchers Capture Lazarus APT’s Remote-Worker Scheme Live on Camera
Dec 02, 2025The Hacker NewsIdentity Theft / Threat Intelligence A joint investigation led by Mauro Eldritch, founder of BCA LTD,...
GlassWorm Returns with 24 Malicious Extensions Impersonating Popular Developer Tools
Dec 02, 2025Ravie LakshmananMalware / Blockchain The supply chain campaign known as GlassWorm has once again reared its head, infiltrating...
