Hackers Turn Velociraptor DFIR Tool Into Weapon in LockBit Ransomware Attacks
Oct 11, 2025Ravie LakshmananNetwork Security / Vulnerability Threat actors are abusing Velociraptor, an open-source digital forensics and incident response (DFIR)...
2025Ravie
Stealit Malware Abuses Node.js Single Executable Feature via Game and VPN Installers
Oct 10, 2025Ravie LakshmananRansomware / Data Theft Cybersecurity researchers have disclosed details of an active malware campaign called Stealit that...
Microsoft Warns of ‘Payroll Pirates’ Hijacking HR SaaS Accounts to Steal Employee Salaries
Oct 10, 2025Ravie LakshmananSaaS Security / Threat Intelligence A threat actor known as Storm-2657 has been observed hijacking employee accounts...
From Detection to Patch: Fortra Reveals Full Timeline of CVE-2025-10035 Exploitation
Oct 10, 2025Ravie LakshmananVulnerability / Network Security Fortra on Thursday revealed the results of its investigation into CVE-2025-10035, a critical...
175 Malicious npm Packages with 26,000 Downloads Used in Credential Phishing Campaign
Oct 10, 2025Ravie LakshmananCybercrime / Malware Cybersecurity researchers have flagged a new set of 175 malicious packages on the npm...
From LFI to RCE: Active Exploitation Detected in Gladinet and TrioFox Vulnerability
Oct 10, 2025Ravie LakshmananVulnerability / Zero-Day Cybersecurity company Huntress said it has observed active in-the-wild exploitation of an unpatched security...
CL0P-Linked Hackers Breach Dozens of Organizations Through Oracle Software Flaw
Oct 10, 2025Ravie LakshmananVulnerability / Threat Intelligence Dozens of organizations may have been impacted following the zero-day exploitation of a...
From HealthKick to GOVERSHELL: The Evolution of UTA0388’s Espionage Malware
Oct 09, 2025Ravie LakshmananCyber Espionage / Artificial Intelligence A China-aligned threat actor codenamed UTA0388 has been attributed to a series...
New ClayRat Spyware Targets Android Users via Fake WhatsApp and TikTok Apps
Oct 09, 2025Ravie LakshmananMobile Security / Malware A rapidly evolving Android spyware campaign called ClayRat has targeted users in Russia...
Hackers Access SonicWall Cloud Firewall Backups, Spark Urgent Security Checks
Oct 09, 2025Ravie LakshmananCloud Security / Network Security SonicWall on Wednesday disclosed that an unauthorized party accessed firewall configuration backup...
ThreatsDay Bulletin: MS Teams Hack, MFA Hijacking, $2B Crypto Heist, Apple Siri Probe & More
Oct 09, 2025Ravie LakshmananCybersecurity / Hacking News Cyber threats are evolving faster than ever. Attackers now combine social engineering, AI-driven...
From Phishing to Malware: AI Becomes Russia’s New Cyber Weapon in War on Ukraine
Oct 09, 2025Ravie LakshmananArtificial Intelligence / Malware Russian hackers' adoption of artificial intelligence (AI) in cyber attacks against Ukraine has...
Critical Exploit Lets Hackers Bypass Authentication in WordPress Service Finder Theme
Oct 09, 2025Ravie LakshmananVulnerability / Website Security Threat actors are actively exploiting a critical security flaw impacting the Service Finder...
Chinese Hackers Weaponize Open-Source Nezha Tool in New Attack Wave
Oct 08, 2025Ravie LakshmananMalware / Threat Intelligence Threat actors with suspected ties to China have turned a legitimate open-source monitoring...
Severe Figma MCP Vulnerability Lets Hackers Execute Code Remotely — Patch Now
Oct 08, 2025Ravie LakshmananVulnerability / Software Security Cybersecurity researchers have disclosed details of a now-patched vulnerability in the popular figma-developer-mcp...
