Posted inVulnerabilities
From Cybersecurity Help – Trust Wallet links $8.5M browser extension hack to industry-wide Sha1-Hulud attack
The attackers gained access after Trust Wallet’s developer GitHub secrets were exposed. Read More
Posted inNews
From Security Week – Kimwolf Android Botnet Grows Through Residential Proxy Networks
[[{"value":"The 2-million-device-strong botnet allows monetization through DDoS attacks, app installs, and the selling of proxy bandwidth. The post Kimwolf Android Botnet Grows Through Residential Proxy Networks appeared first on SecurityWeek."}]] Read…
Posted inNews
From Cyber Security News – Threat Actor Exploited Multiple FortiWeb Appliances to Deploy Sliver C2 for Persistent Access
Recent findings indicate that a sophisticated threat actor is actively exploiting multiple outdated FortiWeb appliances to deploy the Sliver Command and Control (C2) framework. This campaign highlights a concerning trend…
Posted inVulnerabilities
From Cybersecurity Help – New APT37’s Artemis campaign using trojanized HWP documents
The operation uses social engineering and technical evasion techniques, delivering malware through trojanized HWP documents. Read More
Posted inNews
From Security Week – Researcher Spotlights WhatsApp Metadata Leak as Meta Begins Rolling Out Fixes
[[{"value":"WhatsApp device fingerprinting can be useful in the delivery of sophisticated spyware, but impact is very limited without a zero-day. The post Researcher Spotlights WhatsApp Metadata Leak as Meta Begins…
Posted inArticles
From Schneier on Security – Telegram Hosting World’s Largest Darknet Market
Wired is reporting on Chinese darknet markets on Telegram. The ecosystem of marketplaces for Chinese-speaking crypto scammers hosted on the messaging service Telegram have now grown to be bigger than…
Posted inNews
From The Hacker News – The State of Cybersecurity in 2025: Key Segments, Insights, and Innovations
Featuring:
Cybersecurity is being reshaped by forces that extend beyond individual threats or tools. As organizations operate across cloud infrastructure, distributed endpoints, and complex supply chains, security has shifted from a collection of point solutions to a question of architecture, trust, and execution speed.
This report examines how core areas of cybersecurity are evolving in
Posted inVulnerabilities
From Cybersecurity Help – DarkSpectre browser extension campaigns compromise over 8.8M users worldwide
The latest campaign alone impacted 2.2 million users through malicious browser extensions distributed across the three major browsers. Read More
Posted inNews
From Cyber Security News – Kimwolf Botnet Hacked 2 Million Devices and Turned User’s Internet Connection as Proxy Node
A dangerous new malware called Kimwolf has quietly infected over 2 million devices around the world, forcing them to act as illegal proxy servers without the owners knowing. The botnet…
Posted inNews
From Cyber Security News – Critical GNU Wget2 Vulnerability Let Remote Attackers to Overwrite Sensitive Files
A critical security vulnerability has been discovered in GNU Wget2, a widely used command-line tool for downloading files from the web. `The flaw, tracked as CVE-2025-69194, allows remote attackers to…
Posted inVulnerabilities
From Cybersecurity Help – Two cybersecurity experts plead guilty for ALPHV BlackCat ransomware attacks
Goldberg worked at incident response firm Sygnia, while Martin, served as a ransomware negotiator for financial technology company DigitalMint. Read More
Posted inNews
From Cyber Security News – Threat Group ‘Crimson Collective’ Allegedly Claim Breach of Largest Fiber Broadband Brightspeed
Brightspeed, one of America’s leading fiber broadband infrastructure providers, has become the latest victim of a significant cyberattack. The threat group known as Crimson Collective has publicly claimed responsibility for…
Posted inNews
From The Hacker News – Bitfinex Hack Convict Ilya Lichtenstein Released Early Under U.S. First Step Act
Ilya Lichtenstein, who was sentenced to prison last year for money laundering charges in connection with his role in the massive hack of cryptocurrency exchange Bitfinex in 2016, said he has been released early.
In a post shared on X last week, the 38-year-old announced his release, crediting U.S. President Donald Trump's First Step Act. According to the Federal Bureau of Prisons' inmate locator
Posted inNews
From Cyber Security News – Eaton Vulnerabilities Let Attackers Execute Arbitrary Code On the Host System
A critical security advisory addressing multiple vulnerabilities discovered in the Eaton UPS Companion (EUC) software. These security flaws, if exploited, could allow attackers to execute arbitrary code on the host…
Posted inNews
From The Hacker News – New VVS Stealer Malware Targets Discord Accounts via Obfuscated Python Code
Cybersecurity researchers have disclosed details of a new Python-based information stealer called VVS Stealer (also styled as VVS $tealer) that's capable of harvesting Discord credentials and tokens.
The stealer is said to have been on sale on Telegram as far back as April 2025, according to a report from Palo Alto Networks Unit 42.
"VVS stealer's code is obfuscated by Pyarmor," researchers