SocGholish Malware Spread via Ad Tools; Delivers Access to LockBit, Evil Corp, and Others
Aug 07, 2025Ravie LakshmananMalware / Threat Intelligence
The threat actors behind the SocGholish malware have been observed leveraging Traffic Distribution Systems (TDSs) like Parrot TDS and Keitaro TDS to filter...
SonicWall Investigating Potential SSL VPN Zero-Day After 20+ Targeted Attacks Reported
Aug 05, 2025Ravie LakshmananZero-Day / Network Security
SonicWall said it's actively investigating reports to determine if there is a new zero-day vulnerability following reports of a spike in Akira ransomware...
⚡ Weekly Recap: VPN 0-Day, Encryption Backdoor, AI Malware, macOS Flaw, ATM Hack &...
Aug 04, 2025Ravie LakshmananHacking News / Cybersecurity
Malware isn't just trying to hide anymore—it's trying to belong. We're seeing code that talks like us, logs like us, even documents itself...
Akira Ransomware Exploits SonicWall VPNs in Likely Zero-Day Attack on Fully-Patched Devices
Aug 02, 2025Ravie LakshmananVulnerability / Zero Day
SonicWall SSL VPN devices have become the target of Akira ransomware attacks as part of a newfound surge in activity observed in late...
Storm-2603 Deploys DNS-Controlled Backdoor in Warlock and LockBit Ransomware Attacks
Aug 01, 2025Ravie LakshmananThreat Intelligence / Ransomware
The threat actor linked to the exploitation of the recently disclosed security flaws in Microsoft SharePoint Server is using a bespoke command-and-control (C2)...
Attackers Use Fake OAuth Apps with Tycoon Kit to Breach Microsoft 365 Accounts
Cybersecurity researchers have detailed a new cluster of activity where threat actors are impersonating enterprises with fake Microsoft OAuth applications to facilitate credential harvesting as part of account takeover...
AI-Driven Trends in Endpoint Security: What the 2025 Gartner® Magic Quadrant™ Reveals
Cyber threats and attacks like ransomware continue to increase in volume and complexity with the endpoint typically being the most sought after and valued target. With the rapid expansion...
Scattered Spider Hacker Arrests Halt Attacks, But Copycat Threats Sustain Security Pressure
Jul 30, 2025Ravie Lakshmanan
Google Cloud's Mandiant Consulting has revealed that it has witnessed a drop in activity from the notorious Scattered Spider group, but emphasized the need for organizations...
FunkSec Ransomware Decryptor Released Free to Public After Group Goes Dormant
Jul 30, 2025Ravie LakshmananEncryption / Ransomware
Cybersecurity experts have released a decryptor for a ransomware strain called FunkSec, allowing victims to recover access to their files for free.
"Because the ransomware...
CISA Adds PaperCut NG/MF CSRF Vulnerability to KEV Catalog Amid Active Exploitation
Jul 29, 2025Ravie LakshmananVulnerability / Software Security
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added a high-severity security vulnerability impacting PaperCutNG/MF print management software to its Known...
