2025Ravie

Malicious VSX Extension “SleepyDuck” Uses Ethereum to Keep Its Command Server Alive

AndyC 4 November 2025

Nov 03, 2025Ravie LakshmananCryptocurrency / Threat Intelligence Cybersecurity researchers have flagged a new malicious extension in the Open VSX registry...

Cybercriminals Exploit Remote Monitoring Tools to Infiltrate Logistics and Freight Networks

AndyC 4 November 2025

Nov 03, 2025Ravie LakshmananCybercrime / Supply Chain Attack Bad actors are increasingly training their sights on trucking and logistics companies...

⚡ Weekly Recap: Lazarus Hits Web3, Intel/AMD TEEs Cracked, Dark Web Leak Tool & More

AndyC 4 November 2025

Nov 03, 2025Ravie LakshmananCybersecurity / Hacking News Cyberattacks are getting smarter and harder to stop. This week, hackers used sneaky...

New HttpTroy Backdoor Poses as VPN Invoice in Targeted Cyberattack on South Korea

AndyC 4 November 2025

Nov 03, 2025Ravie LakshmananCybersecurity / Malware The North Korea-linked threat actor known as Kimsuky has distributed a previously undocumented backdoor...

ASD Warns of Ongoing BADCANDY Attacks Exploiting Cisco IOS XE Vulnerability

AndyC 2 November 2025

Nov 01, 2025Ravie LakshmananArtificial Intelligence / Vulnerability The Australian Signals Directorate (ASD) has issued a bulletin about ongoing cyber attacks...

OpenAI Unveils Aardvark: GPT-5 Agent That Finds and Fixes Code Flaws Automatically

AndyC 1 November 2025

Oct 31, 2025Ravie LakshmananArtificial Intelligence / Code Security OpenAI has announced the launch of an "agentic security researcher" that's powered...

Nation-State Hackers Deploy New Airstalk Malware in Suspected Supply Chain Attack

AndyC 1 November 2025

Oct 31, 2025Ravie LakshmananMalware / Browser Security A suspected nation-state threat actor has been linked to the distribution of a...

China-Linked Hackers Exploit Windows Shortcut Flaw to Target European Diplomats

AndyC 1 November 2025

Oct 31, 2025Ravie LakshmananMalware / Threat Intelligence A China-affiliated threat actor known as UNC6384 has been linked to a fresh...

China-Linked Tick Group Exploits Lanscope Zero-Day to Hijack Corporate Systems

AndyC 1 November 2025

Oct 31, 2025Ravie LakshmananEndpoint Security / Cyber Espionage The exploitation of a recently disclosed critical security flaw in Motex Lanscope...

CISA and NSA Issue Urgent Guidance to Secure WSUS and Microsoft Exchange Servers

AndyC 1 November 2025

Oct 31, 2025Ravie LakshmananVulnerability / Threat Intelligence The U.S. Cybersecurity and Infrastructure Security Agency (CISA) and National Security Agency (NSA),...

Eclipse Foundation Revokes Leaked Open VSX Tokens Following Wiz Discovery

AndyC 1 November 2025

Oct 31, 2025Ravie LakshmananMalware / Secure Coding Eclipse Foundation, which maintains the open-source Open VSX project, said it has taken...

CISA Flags VMware Zero-Day Exploited by China-Linked Hackers in Active Attacks

AndyC 1 November 2025

Oct 31, 2025Ravie LakshmananVulnerability / Cyber Attack The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a high-severity...

Russian Ransomware Gangs Weaponize Open-Source AdaptixC2 for Advanced Attacks

AndyC 31 October 2025

Oct 30, 2025Ravie LakshmananMalware / Cybercrime The open-source command-and-control (C2) framework known as AdaptixC2 is being used by a growing...

New “Brash” Exploit Crashes Chromium Browsers Instantly with a Single Malicious URL

AndyC 31 October 2025

Oct 30, 2025Ravie LakshmananBrowser Security / Vulnerability A severe vulnerability disclosed in Chromium's Blink rendering engine can be exploited to...

ThreatsDay Bulletin: DNS Poisoning Flaw, Supply-Chain Heist, Rust Malware Trick and New RATs Rising

AndyC 31 October 2025

Oct 30, 2025Ravie LakshmananCybersecurity / Hacking News The comfort zone in cybersecurity is gone. Attackers are scaling down, focusing tighter,...

2025Ravie

Malicious VSX Extension “SleepyDuck” Uses Ethereum to Keep Its Command Server Alive

Cybercriminals Exploit Remote Monitoring Tools to Infiltrate Logistics and Freight Networks

⚡ Weekly Recap: Lazarus Hits Web3, Intel/AMD TEEs Cracked, Dark Web Leak Tool & More

New HttpTroy Backdoor Poses as VPN Invoice in Targeted Cyberattack on South Korea

ASD Warns of Ongoing BADCANDY Attacks Exploiting Cisco IOS XE Vulnerability

OpenAI Unveils Aardvark: GPT-5 Agent That Finds and Fixes Code Flaws Automatically

Nation-State Hackers Deploy New Airstalk Malware in Suspected Supply Chain Attack

China-Linked Hackers Exploit Windows Shortcut Flaw to Target European Diplomats

China-Linked Tick Group Exploits Lanscope Zero-Day to Hijack Corporate Systems

CISA and NSA Issue Urgent Guidance to Secure WSUS and Microsoft Exchange Servers

Eclipse Foundation Revokes Leaked Open VSX Tokens Following Wiz Discovery

CISA Flags VMware Zero-Day Exploited by China-Linked Hackers in Active Attacks

Russian Ransomware Gangs Weaponize Open-Source AdaptixC2 for Advanced Attacks

New “Brash” Exploit Crashes Chromium Browsers Instantly with a Single Malicious URL

ThreatsDay Bulletin: DNS Poisoning Flaw, Supply-Chain Heist, Rust Malware Trick and New RATs Rising

LongNosedGoblin tries to sniff out governmental affairs in Southeast Asia and Japan

ESET Threat Report H2 2025

Black Hat Europe 2025: Was that device designed to be on the internet at all?

Black Hat Europe 2025: Was that device designed to be on the internet at all?

Black Hat Europe 2025: Was that device designed to be on the internet at all?

Black Hat Europe 2025: Was that device designed to be on the internet at all?

Donate Bitcoin to this address

Donate Ethereum to this address

Chinese Hackers Exploited a Zero-Day in Cisco Email Security Systems

Risk Management in Banking: Leveraging AI and Advanced Analytics

LongNosedGoblin tries to sniff out governmental affairs in Southeast Asia and Japan

Hewlett Packard Enterprise (HPE) fixed maximum severity OneView flaw

RegScale Open Sources OSCAL Hub to Further Compliance-as-Code Adoption

Donate Bitcoin to this address

Donate Ethereum to this address

You may have missed