Alert: Malicious PyPI Package soopsocks Infects 2,653 Systems Before Takedown
Oct 02, 2025Ravie LakshmananPython / Malware Cybersecurity researchers have flagged a malicious package on the Python Package Index (PyPI) repository...
2025Ravie
ThreatsDay Bulletin: CarPlay Exploit, BYOVD Tactics, SQL C2 Attacks, iCloud Backdoor Demand & More
Oct 02, 2025Ravie LakshmananThreat Intelligence / Cyber Attacks From unpatched cars to hijacked clouds, this week's Threatsday headlines remind us...
Google Mandiant Probes New Oracle Extortion Wave Possibly Linked to Cl0p Ransomware
Oct 02, 2025Ravie LakshmananRansomware / Threat Intelligence Google Mandiant and Google Threat Intelligence Group (GTIG) have disclosed that they are...
New WireTap Attack Extracts Intel SGX ECDSA Key via DDR4 Memory-Bus Interposer
Oct 01, 2025Ravie LakshmananEncryption / Hardware Security In yet another piece of research, academics from Georgia Institute of Technology and...
OneLogin Bug Let Attackers Use API Keys to Steal OIDC Secrets and Impersonate Apps
Oct 01, 2025Ravie LakshmananVulnerability / API Security A high-severity security flaw has been disclosed in the One Identity OneLogin Identity...
Red Hat OpenShift AI Flaw Exposes Hybrid Cloud Infrastructure to Full Takeover
Oct 01, 2025Ravie LakshmananAI Security / Cloud Security A severe security flaw has been disclosed in the Red Hat OpenShift...
Hackers Exploit Milesight Routers to Send Phishing SMS to European Users
Oct 01, 2025Ravie LakshmananVulnerability / Malware Unknown threat actors are abusing Milesight industrial cellular routers to send SMS messages as...
Phantom Taurus: New China-Linked Hacker Group Hits Governments With Stealth Malware
Sep 30, 2025Ravie LakshmananCyber Espionage / Malware Government and telecommunications organizations across Africa, the Middle East, and Asia have emerged...
Researchers Disclose Google Gemini AI Flaws Allowing Prompt Injection and Cloud Exploits
Sep 30, 2025Ravie LakshmananArtificial Intelligence / Vulnerability Cybersecurity researchers have disclosed three now-patched security vulnerabilities impacting Google's Gemini artificial intelligence...
Microsoft Expands Sentinel Into Agentic Security Platform With Unified Data Lake
Sep 30, 2025Ravie LakshmananArtificial Intelligence / Threat Detection Microsoft on Tuesday unveiled the expansion of its Sentinel Security Incidents and...
Urgent: China-Linked Hackers Exploit New VMware Zero-Day Since October 2024
Sep 30, 2025Ravie LakshmananZero-Day / Vulnerability A newly patched security flaw impacting Broadcom VMware Tools and VMware Aria Operations has...
CISA Sounds Alarm on Critical Sudo Flaw Actively Exploited in Linux and Unix Systems
Sep 30, 2025Ravie LakshmananVulnerability / Linux The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added a critical security...
⚡ Weekly Recap: Cisco 0-Day, Record DDoS, LockBit 5.0, BMC Bugs, ShadowV2 Botnet & More
Sep 29, 2025Ravie LakshmananCybersecurity / Hacking News Cybersecurity never stops—and neither do hackers. While you wrapped up last week, new...
First Malicious MCP Server Found Stealing Emails in Rogue Postmark-MCP Package
Sep 29, 2025Ravie LakshmananMCP Server / Vulnerability Cybersecurity researchers have discovered what has been described as the first-ever instance of...
China-Linked PlugX and Bookworm Malware Attacks Target Asian Telecom and ASEAN Networks
Sep 27, 2025Ravie LakshmananMalware / Network Security Telecommunications and manufacturing sectors in Central and South Asian countries have emerged as...
