Cybersecurity Archives - Page 4 of 47

NightEagle APT Exploits Microsoft Exchange Flaw to Target China’s Military and Tech Sectors

July 7, 2025

Cybersecurity researchers have shed light on a previously undocumented threat actor called NightEagle (aka APT-Q-95) that has been observed targeting Microsoft Exchange servers as a part of a zero-day exploit…

Cybersecurity

Alert: Exposed JDWP Interfaces Lead to Crypto Mining, Hpingbot Targets SSH for DDoS

July 7, 2025

Threat actors are weaponizing exposed Java Debug Wire Protocol (JDWP) interfaces to obtain code execution capabilities and deploy cryptocurrency miners on compromised hosts. “The attacker used a modified version of…

Cybersecurity

Taiwan NSB Alerts Public on Data Risks from TikTok, Weibo, and RedNote Over China Ties

July 7, 2025

Taiwan’s National Security Bureau (NSB) has warned that China-developed applications like RedNote (aka Xiaohongshu), Weibo, TikTok, WeChat, and Baidu Cloud pose security risks due to excessive data collection and data…

Cybersecurity

TAG-140 Deploys DRAT V2 RAT, Targeting Indian Government, Defense, and Rail Sectors

July 7, 2025

A hacking group with ties other than Pakistan has been found targeting Indian government organizations with a modified variant of a remote access trojan (RAT) called DRAT. The activity has…

Cybersecurity

Manufacturing Security: Why Default Passwords Must Go

July 7, 2025

If you didn’t hear about Iranian hackers breaching US water facilities, it’s because they only managed to control a single pressure station serving 7,000 people. What made this attack noteworthy…

Cybersecurity

⚡ Weekly Recap: Chrome 0-Day, Ivanti Exploits, MacOS Stealers, Crypto Heists and More

July 7, 2025

Everything feels secure—until one small thing slips through. Even strong systems can break if a simple check is missed or a trusted tool is misused. Most threats don’t start with…

Cybersecurity

SEO Poisoning Campaign Targets 8,500+ SMB Users with Malware Disguised as AI Tools

July 7, 2025

Cybersecurity researchers have disclosed a malicious campaign that leverages search engine optimization (SEO) poisoning techniques to deliver a known malware loader called Oyster (aka Broomstick or CleanUpLoader). The malvertising activity,…

Cybersecurity

RESURGE Malware Exploits Ivanti Flaw with Rootkit and Web Shell Features

March 31, 2025

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has shed light on a new malware called RESURGE that has been deployed as part of exploitation activity targeting a now-patched security…

Cybersecurity

Russia-Linked Gamaredon Uses Troop-Related Lures to Deploy Remcos RAT in Ukraine

March 31, 2025

Entities in Ukraine have been targeted as part of a phishing campaign designed to distribute a remote access trojan called Remcos RAT. “The file names use Russian words related to…

Cybersecurity

5 Impactful AWS Vulnerabilities You’re Responsible For

March 31, 2025

If you’re using AWS, it’s easy to assume your cloud security is handled – but that’s a dangerous misconception. AWS secures its own infrastructure, but security within a cloud environment…

Category: Cybersecurity