The state-sponsored threat actor deployed kernel implants and passive backdoors enabling long-term, high-level espionage. The post Chinese Hackers Caught Deep Within Telecom Backbone Infrastructure appeared first on SecurityWeek.
Halcyon and Beazley Security track the return of Iranian ransomware group Pay2Key
Hambardzum Minasyan of Armenia has been accused of being involved in the development and administration of the infostealer malware. The post Alleged RedLine Malware Administrator Extradited to US appeared first on SecurityWeek.
Python package LiteLLM compromised with credential-stealing malware linked to TeamPCP threat group
Silver Fox pivots from ValleyRAT tax lures to WhatsApp‑style stealers, blending espionage & phishing
Ghost npm campaign fakes install logs to steal sudo passwords and drop RATs that loot crypto and data
Unfortunately, there aren't many options unless you're Starlink Citing national security fears, America is effectively banning any new consumer-grade network routers made abroad.…
Aleksei Volkov sentenced after enabling attacks that cost victims millions A Russian national who sold the keys to corporate networks faces nearly seven years in a US prison after prosecutors tied his handiwork to a string of ransomware attacks costing victims millions of dollars.…
Russian cybercriminal Aleksei Volkov has received close to seven years behind bars for role in Yanluowang ransomware
New Trivy Docker images 0.69.5 and 0.69.6 compromised with TeamPCP infostealer, impacting CI/CD scans
Trio-Tech International initially said hack wasn't 'material,' but then stolen data was published Trio-Tech International initially shrugged off a ransomware attack at a Singapore subsidiary as immaterial, only to reverse course days later after discovering stolen data had been disclosed.…
Mobile banking malware targets over 1200 financial apps globally, shifting fraud to user devices
ShieldGuard Chrome extension posed as a crypto security tool but stole wallets and drained user data
The FBI wants to hear from gamers who have downloaded Steam titles containing malware
PixRevolution Android trojan hijacks Brazil’s PIX payments in real time using accessibility abuse
The pro-Iran Handala group claims to have wiped 200,000 systems in destructive wiper malware attack on US firm Stryker
Over 250 legitimate websites, including news outlets and a US Senate candidate’s official webpage, been compromised to infect visitors with infostealers, warn Rapid7 researchers
BlackSanta malware targets HR staff with fake resumes, kills EDR and steals system data
A bank, an airport, a non-profit and the Israeli branch of a US software company were among the targets of this new MuddyWater campaign
Malware campaign uses Ukrainian email service for credibility, deploying "BadPaw" to execute attacks