Cyber News & Articles

Latest Posts

U.S. Sanctions Firm Behind N. Korean IT Scheme; Arizona Woman Jailed for Running Laptop Farm
Patchwork Targets Turkish Defense Firms with Spear-Phishing Using Malicious LNK Files
Cyber Espionage Campaign Hits Russian Aerospace Sector Using EAGLET Backdoor
Soco404 and Koske Malware Target Cloud Services with Cross-Platform Cryptomining Attacks

The AI Fix #51: Divorce by coffee grounds, and why AI robots need your brain

May 20, 2025 | Cybersecurity

In episode 51 of The AI Fix, a Greek man’s marriage is destroyed after ChatGPT reads his coffee, a woman dumps her husband to marry an AI called Leo, and Graham wonders whether it’s time to upload his brain into a lunchbox-packing robot.

Meanwhile, a humanoid robot goes full Michael Crawford in a Chinese factory, the UK government launches an AI to read angry public consultations, and Mark dreams of a world where robots finally have common sense – and swear like sailors.

Plus Graham uncovers how AI is wrecking relationships and inventing soulmates, and Mark explains why Google’s Gemini-powered bots might be smarter, more dexterous, and more emotionally stable than most of your exes.

All this and much more is discussed in the latest edition of “The AI Fix” podcast by Graham Cluley and Mark Stockley.

South Asian Ministries Hit by SideWinder APT Using Old Office Flaws and Custom Malware

May 20, 2025 | Cybersecurity

High-level government institutions in Sri Lanka, Bangladesh, and Pakistan have emerged as the target of a new campaign orchestrated by a threat actor known as SideWinder.
“The attackers used spear phishing emails paired with geofenced payloads to ensure that only victims in specific countries received the malicious content,” Acronis researchers Santiago Pontiroli, Jozsef Gegeny, and Prakas

AWS Default IAM Roles Found to Enable Lateral Movement and Cross-Service Exploitation

May 20, 2025 | Cybersecurity

Cybersecurity researchers have discovered risky default identity and access management (IAM) roles impacting Amazon Web Services that could open the door for attackers to escalate privileges, manipulate other AWS services, and, in some cases, even fully compromise AWS accounts.
“These roles, often created automatically or recommended during setup, grant overly broad permissions, such as full S3

The Crowded Battle: Key Insights from the 2025 State of Pentesting Report

May 20, 2025 | Cybersecurity

In the newly released 2025 State of Pentesting Report, Pentera surveyed 500 CISOs from global enterprises (200 from within the USA) to understand the strategies, tactics, and tools they use to cope with the thousands of security alerts, the persisting breaches and the growing cyber risks they have to handle. The findings reveal a complex picture of progress, challenges, and a shifting mindset

Chinese Hackers Deploy MarsSnake Backdoor in Multi-Year Attack on Saudi Organization

May 20, 2025 | Cybersecurity

Threat hunters have exposed the tactics of a China-aligned threat actor called UnsolicitedBooker that targeted an unnamed international organization in Saudi Arabia with a previously undocumented backdoor dubbed MarsSnake.
ESET, which first discovered the hacking group’s intrusions targeting the entity in March 2023 and again a year later, said the activity leverages spear-phishing emails using

SEC Twitter hack: Man imprisoned for role in attack that caused Bitcoin’s price to soar.

May 20, 2025 | Cybersecurity

Eric Council Jr. pleaded guilty to charges related to the January 2024 hack of the US Securities and Exchange Commission’s (SEC) Twitter account, which saw a fake announcement about the Bitcoin cryptocurrency posted to its followers.

Read more in my article on the Hot for Security blog.

Go-Based Malware Deploys XMRig Miner on Linux Hosts via Redis Configuration Abuse

May 20, 2025 | Cybersecurity

Cybersecurity researchers are calling attention to a new Linux cryptojacking campaign that’s targeting publicly accessible Redis servers.
The malicious activity has been codenamed RedisRaider by Datadog Security Labs.
“RedisRaider aggressively scans randomized portions of the IPv4 space and uses legitimate Redis configuration commands to execute malicious cron jobs on vulnerable systems,”

Malicious PyPI Packages Exploit Instagram and TikTok APIs to Validate User Accounts

May 19, 2025 | Cybersecurity

Cybersecurity researchers have uncovered malicious packages uploaded to the Python Package Index (PyPI) repository that act as checker tools to validate stolen email addresses against TikTok and Instagram APIs.
All three packages are no longer available on PyPI. The names of the Python packages are below –

checker-SaGaF (2,605 downloads)
steinlurks (1,049 downloads)
sinnercore (3,300 downloads)

RVTools Official Site Hacked to Deliver Bumblebee Malware via Trojanized Installer

May 19, 2025 | Cybersecurity

The official site for RVTools has been hacked to serve a compromised installer for the popular VMware environment reporting utility.
“Robware.net and RVTools.com are currently offline. We are working expeditiously to restore service and appreciate your patience,” the company said in a statement posted on its website.
“Robware.net and RVTools.com are the only authorized and supported websites for

Ransomware Gangs Use Skitnet Malware for Stealthy Data Theft and Remote Access

May 19, 2025 | Cybersecurity

Several ransomware actors are using a malware called Skitnet as part of their post-exploitation efforts to steal sensitive data and establish remote control over compromised hosts.
“Skitnet has been sold on underground forums like RAMP since April 2024,” Swiss cybersecurity company PRODAFT told The Hacker News. “However, since early 2025, we have observed multiple ransomware operators using it

« Older Entries

Next Entries »