2025Ravie

APT28 Targets Ukrainian UKR-net Users in Long-Running Credential Phishing Campaign

AndyC 18 December 2025

Dec 17, 2025Ravie LakshmananEmail Security / Threat Intelligence The Russian state-sponsored threat actor known as APT28 has been attributed to...

New ForumTroll Phishing Attacks Target Russian Scholars Using Fake eLibrary Emails

AndyC 18 December 2025

Dec 17, 2025Ravie LakshmananVulnerability / Malware The threat actor linked to Operation ForumTroll has been attributed to a fresh set...

GhostPoster Malware Found in 17 Firefox Add-ons with 50,000+ Downloads

AndyC 18 December 2025

Dec 17, 2025Ravie LakshmananAd Fraud / Browser Security A new campaign named GhostPoster has leveraged logo files associated with 17...

Compromised IAM Credentials Power a Large AWS Crypto Mining Campaign

AndyC 17 December 2025

Dec 16, 2025Ravie LakshmananMalware / Threat Detection An ongoing campaign has been observed targeting Amazon Web Services (AWS) customers using...

Rogue NuGet Package Poses as Tracer.Fody, Steals Cryptocurrency Wallet Data

AndyC 17 December 2025

Dec 16, 2025Ravie LakshmananCybersecurity / Cryptocurrency Cybersecurity researchers have discovered a new malicious NuGet package that typosquats and impersonates the...

Amazon Exposes Years-Long GRU Cyber Campaign Targeting Energy and Cloud Infrastructure

AndyC 17 December 2025

Dec 16, 2025Ravie LakshmananCloud Security / Vulnerability Amazon's threat intelligence team has disclosed details of a "years-long" Russian state-sponsored campaign...

Fortinet FortiGate Under Active Attack Through SAML SSO Authentication Bypass

AndyC 17 December 2025

Dec 16, 2025Ravie LakshmananNetwork Security / Vulnerability Threat actors have begun to exploit two newly disclosed security flaws in Fortinet...

Google to Shut Down Dark Web Monitoring Tool in February 2026

AndyC 16 December 2025

Dec 16, 2025Ravie LakshmananDark Web / Online Safety Google has announced that it's discontinuing its dark web report tool in...

FreePBX Patches Critical SQLi, File-Upload, and AUTHTYPE Bypass Flaws Enabling RCE

AndyC 16 December 2025

Dec 15, 2025Ravie LakshmananVulnerability / Software Security Multiple security vulnerabilities have been disclosed in the open-source private branch exchange (PBX)...

⚡ Weekly Recap: Apple 0-Days, WinRAR Exploit, LastPass Fines, .NET RCE, OAuth Scams & More

AndyC 15 December 2025

Dec 15, 2025Ravie LakshmananHacking News / Cybersecurity If you use a smartphone, browse the web, or unzip files on your...

Phantom Stealer Spread by ISO Phishing Emails Hitting Russian Finance Sector

AndyC 15 December 2025

Dec 15, 2025Ravie LakshmananMalware / Cybercrime Cybersecurity researchers have disclosed details of an active phishing campaign that's targeting a wide...

VolkLocker Ransomware Exposed by Hard-Coded Master Key Allowing Free Decryption

AndyC 15 December 2025

Dec 15, 2025Ravie LakshmananRansomware / Cybercrime The pro-Russian hacktivist group known as CyberVolk (aka GLORIAMIST) has resurfaced with a new...

CISA Adds Actively Exploited Sierra Wireless Router Flaw Enabling RCE Attacks

AndyC 15 December 2025

Dec 13, 2025Ravie LakshmananNetwork Security / Vulnerability The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Friday added a high-severity...

Warning: WinRAR Vulnerability CVE-2025-6218 Under Active Attack by Multiple Threat Groups

AndyC 11 December 2025

Dec 10, 2025Ravie LakshmananVulnerability / Malware The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added a security flaw...

Fortinet, Ivanti, and SAP Issue Urgent Patches for Authentication and Code Execution Flaws

AndyC 10 December 2025

Dec 10, 2025Ravie LakshmananVulnerability / Endpoint Security Fortinet, Ivanti, and SAP have moved to address critical security flaws in their...

2025Ravie

APT28 Targets Ukrainian UKR-net Users in Long-Running Credential Phishing Campaign

New ForumTroll Phishing Attacks Target Russian Scholars Using Fake eLibrary Emails

GhostPoster Malware Found in 17 Firefox Add-ons with 50,000+ Downloads

Compromised IAM Credentials Power a Large AWS Crypto Mining Campaign

Rogue NuGet Package Poses as Tracer.Fody, Steals Cryptocurrency Wallet Data

Amazon Exposes Years-Long GRU Cyber Campaign Targeting Energy and Cloud Infrastructure

Fortinet FortiGate Under Active Attack Through SAML SSO Authentication Bypass

Google to Shut Down Dark Web Monitoring Tool in February 2026

FreePBX Patches Critical SQLi, File-Upload, and AUTHTYPE Bypass Flaws Enabling RCE

⚡ Weekly Recap: Apple 0-Days, WinRAR Exploit, LastPass Fines, .NET RCE, OAuth Scams & More

Phantom Stealer Spread by ISO Phishing Emails Hitting Russian Finance Sector

CISA Adds Actively Exploited Sierra Wireless Router Flaw Enabling RCE Attacks

Warning: WinRAR Vulnerability CVE-2025-6218 Under Active Attack by Multiple Threat Groups

Fortinet, Ivanti, and SAP Issue Urgent Patches for Authentication and Code Execution Flaws

ESET Threat Report H2 2025

Black Hat Europe 2025: Was that device designed to be on the internet at all?

Black Hat Europe 2025: Was that device designed to be on the internet at all?

Black Hat Europe 2025: Was that device designed to be on the internet at all?

Black Hat Europe 2025: Was that device designed to be on the internet at all?

Black Hat Europe 2025: Was that device designed to be on the internet at all?

Donate Bitcoin to this address

Donate Ethereum to this address

Inside the Global Airline that Eliminated 14,600 SaaS Security Issues with AppOmni

Cybersecurity Crossed the AI Rubicon: Why 2025 Marked a Point of No Return

When Zero-Days Go Active: What Ongoing Windows, Chrome, and Apple Exploits Reveal About Modern Intrusion Risk

Securing the Road Ahead: The Intersection of Cybersecurity and Intelligent Transportation

GNV ferry fantastic under cyberattack probe amid remote hijack fears

Donate Bitcoin to this address

Donate Ethereum to this address

You may have missed