Researchers Uncover WatchGuard VPN Bug That Could Let Attackers Take Over Devices
Oct 17, 2025Ravie LakshmananVulnerability / VPN Security Cybersecurity researchers have disclosed details of a recently patched critical security flaw in...
researchers
Hackers Deploy Linux Rootkits via Cisco SNMP Flaw in “Zero Disco’ Attacks
Oct 16, 2025Ravie LakshmananVulnerability / Linux Cybersecurity researchers have disclosed details of a new campaign that exploited a recently disclosed...
Two CVSS 10.0 Bugs in Red Lion RTUs Could Hand Hackers Full Industrial Control
Oct 15, 2025Ravie LakshmananVulnerability / Critical Infrastructure Cybersecurity researchers have disclosed two critical security flaws impacting Red Lion Sixnet remote...
Hackers Target ICTBroadcast Servers via Cookie Exploit to Gain Remote Shell Access
Oct 15, 2025Ravie LakshmananVulnerability / Server Security Cybersecurity researchers have disclosed that a critical security flaw impacting ICTBroadcast, an autodialer...
Researchers warn of widespread RDP attacks by 100K-node botnet
Researchers warn of widespread RDP attacks by 100K-node botnet Pierluigi Paganini October 14, 2025 A botnet of 100K+ IPs from...
China’s Flax Typhoon Exploits ArcGIS App for Year-Long Persistence
A China-backed threat group exploited what ReliaQuest researchers called a “common security blind spot” to maintain persistence in a widely...
#Pixnapping: Android Timing Attack Sends Google Back to the Drawing Board
Researchers discover a new way to steal secrets from Android apps.Anything any Android app can display is vulnerable to the Pixnapping...
npm, PyPI, and RubyGems Packages Found Sending Developer Data to Discord Channels
Oct 14, 2025Ravie LakshmananMalware / Typosquatting Cybersecurity researchers have identified several malicious packages across npm, Python, and Ruby ecosystems that...
Researchers Expose TA585’s MonsterV2 Malware Capabilities and Attack Chain
Oct 14, 2025Ravie LakshmananMalware / Social Engineering Cybersecurity researchers have shed light on a previously undocumented threat actor called TA585...
Astaroth Banking Trojan Abuses GitHub to Remain Operational After Takedowns
Oct 13, 2025Ravie LakshmananMalware / Financial Security Cybersecurity researchers are calling attention to a new campaign that delivers the Astaroth...
New Rust-Based Malware “ChaosBot” Uses Discord Channels to Control Victims’ PCs
Oct 13, 2025Ravie LakshmananRansomware / Windows Security Cybersecurity researchers have disclosed details of a new Rust-based backdoor called ChaosBot that...
Stealit Malware Abuses Node.js Single Executable Feature via Game and VPN Installers
Oct 10, 2025Ravie LakshmananRansomware / Data Theft Cybersecurity researchers have disclosed details of an active malware campaign called Stealit that...
WhatsApp Worm Targets Brazilian Banking Customers
Counter Threat Unit™ (CTU) researchers are investigating multiple incidents in an ongoing campaign targeting users of the WhatsApp messaging platform....
175 Malicious npm Packages with 26,000 Downloads Used in Credential Phishing Campaign
Oct 10, 2025Ravie LakshmananCybercrime / Malware Cybersecurity researchers have flagged a new set of 175 malicious packages on the npm...
Anatomy of a Modern Threat: Deconstructing the Figma MCP Vulnerability
Threat researchers recently disclosed a severe vulnerability in a Figma Model Context Protocol (MCP) server, as reported by The Hacker...
