Cyber News & Articles

Cybersecurity researchers are calling attention to multiple campaigns that leverage known security vulnerabilities and expose Redis servers to various malicious activities, including leveraging the compromised devices as IoT botnets, residential proxies, or cryptocurrency mining infrastructure.
The first set of attacks entails the exploitation of CVE-2024-36401 (CVSS score: 9.8), a critical

Some cybersecurity news outlets were duped a few days ago by a claim that Europol was offering a $50,000 bounty for information about two members of the Qilin ransomware group.

Turns out it was all a hoax.

Read more details about what happened in my article on the Hot for Security blog

Cybersecurity researchers have shed light on a novel attack chain that employs phishing emails to deliver an open-source backdoor called VShell.
The “Linux-specific malware infection chain that starts with a spam email with a malicious RAR archive file,” Trellix researcher Sagar Bade said in a technical write-up.
“The payload isn’t hidden inside the file content or a macro, it’s encoded directly

Cybersecurity researchers are calling attention to malicious activity orchestrated by a China-nexus cyber espionage group known as Murky Panda that involves abusing trusted relationships in the cloud to breach enterprise networks.
“The adversary has also shown considerable ability to quickly weaponize N-day and zero-day vulnerabilities and frequently achieves initial access to their targets by

INTERPOL on Friday announced that authorities from 18 countries across Africa have arrested 1,209 cybercriminals who targeted 88,000 victims.
“The crackdown recovered $97.4 million and dismantled 11,432 malicious infrastructures, underscoring the global reach of cybercrime and the urgent need for cross-border cooperation,” the agency said.
The effort is the second phase of an ongoing law

Pentesting remains one of the most effective ways to identify real-world security weaknesses before adversaries do. But as the threat landscape has evolved, the way we deliver pentest results hasn’t kept pace.
Most organizations still rely on traditional reporting methods—static PDFs, emailed documents, and spreadsheet-based tracking. The problem? These outdated workflows introduce delays,

Critical infrastructure organisations are once again being warned of the threat posed by malicious cybercriminals, following a ransomware attack against a state-owned energy company in Pakistan.

Read more in my article on the Exponential-e blog.

A 55-year-old Chinese national has been sentenced to four years in prison and three years of supervised release for sabotaging his former employer’s network with custom malware and deploying a kill switch that locked out employees when his account was disabled.
Davis Lu, 55, of Houston, Texas, was convicted of causing intentional damage to protected computers in March 2025. He was arrested and

Commvault has released updates to address four security gaps that could be exploited to achieve remote code execution on susceptible instances.
The list of vulnerabilities, identified in Commvault versions before 11.36.60, is as follows –

CVE-2025-57788 (CVSS score: 6.9) – A vulnerability in a known login mechanism allows unauthenticated attackers to execute API calls without requiring user

Threat actors have been observed leveraging the deceptive social engineering tactic known as ClickFix to deploy a versatile backdoor codenamed CORNFLAKE.V3.
Google-owned Mandiant described the activity, which it tracks as UNC5518, as part of an access-as-a-service scheme that employs fake CAPTCHA pages as lures to trick users into providing initial access to their systems, which is then