North Korea Attacks South Koreans With Ransomware – Dark Reading
DPRK hackers are throwing every kind of malware at the wall and seeing what sticks, deploying stealers, backdoors, and ransomware all at once. – Read More
Cyber
Fortinet Products Are in the Crosshairs Again – Dark Reading
The company disclosed a critical FortiSIEM flaw with a PoC exploit for it the same week researchers warned of an ominous surge in malicious traffic targeting the vendor’s SSL VPNs.…
Russian APT group Curly COMrades employs novel backdoor and persistence tricks – CSO Online
Researchers have observed new cyberespionage campaigns against key organizations from EU-hopefuls Moldova and Georgia using a previously unknown backdoor program and novel persistence techniques. Absent of evidence to link this…
Whispers of XZ Utils Backdoor Live on in Old Docker Images – Dark Reading
Developers maintaining the images made the “intentional choice” to leave the artifacts available as “a historical curiosity,” given the improbability they’d be exploited. – Read More
Popular AI Systems Still a Work-in-Progress for Security – Dark Reading
According to a recent Forescout analysis, open-source models were significantly less successful in vulnerability research than commercial and underground models. – Read More
DEF CON research takes aim at ZTNA, calls it a bust – CSO Online
Zero Trust Network Access (ZTNA) has been promoted by vendors over the last several years as a foundational approach for network security. The basic premise is to never trust and…
Critical SSH vulnerabilities expose enterprise network infrastructure as patching lags – CSO Online
The Secure Shell (SSH) protocol serves as the backbone of modern network administration, providing encrypted remote access to virtually every server, network device and embedded system in enterprise environments. From…
Patch Now: Attackers Target OT Networks via Critical RCE Flaw – Dark Reading
Researchers observed exploitation attempts against a vulnerability with a CVSS score of 10 in a popular Erlang-based platform for critical infrastructure and OT development. – Read More
New PS1Bot Malware Campaign Uses Malvertising to Deploy Multi-Stage In-Memory Attacks – The Hacker News
Cybersecurity researchers have discovered a new malvertising campaign that’s designed to infect victims with a multi-stage malware framework called PS1Bot. “PS1Bot features a modular design, with several modules delivered used…
What the LockBit 4.0 Leak Reveals About RaaS Groups – Dark Reading
The leak serves as a wake-up call: Being prepared is the cornerstone of a successful defense, and those who don’t prepare are going to face uncertainty caused by the lack…
How an AI-Based ‘Pen Tester’ Became a Top Bug Hunter on HackerOne – Dark Reading
AI researcher explains how an automated penetration-testing tool became the first non-human member on HackerOne to reach the top of the platform’s US leaderboard. – Read More
Zoom and Xerox Release Critical Security Updates Fixing Privilege Escalation and RCE Flaws – The Hacker News
Zoom and Xerox have addressed critical security flaws in Zoom Clients for Windows and FreeFlow Core that could allow privilege escalation and remote code execution. The vulnerability impacting Zoom Clients…
Silicon under siege: Nation-state hackers target semiconductor supply chains – CSO Online
Cyberattacks targeting the global semiconductor industry surged more than 600% since 2022, with confirmed ransomware losses exceeding $1.05 billion since 2018, according to new research published Wednesday by cybersecurity firm…
New ransomware ‘Charon’ uses DLL sideloading to breach critical infrastructure – CSO Online
Trend Micro has identified a new ransomware strain, Charon, which is being deployed in highly targeted attacks against aviation and public sector entities in the Middle East. Unlike conventional ransomware,…
Fortinet Warns About FortiSIEM Vulnerability (CVE-2025-25256) With In-the-Wild Exploit Code – The Hacker News
Fortinet is alerting customers of a critical security flaw in FortiSIEM for which it said there exists an exploit in the wild. The vulnerability, tracked as CVE-2025-25256, carries a CVSS…