Posts by Samir K

 Cisco has disclosed a severe vulnerability in its widely used IOS and IOS XE Software, potentially allowing attackers to crash devices or seize full control through remote code execution. The…

Be aware: a rash of phishing campaigns are leveraging the anxiety and trust employees have in password vaults securing all of their credentials. Read More  

Researchers discovered more than 550 unique secrets exposed in Visual Studio Code marketplaces, prompting Microsoft to bolster security measures. Read More  

AI might help some threat actors in certain respects, but one group is proving that its use for cyberattacks has its limits. Read More  

 A new information-stealer has emerged targeting job seekers with a trojanized Node.js application named Chessfi. Delivered via a modified npm package hosted on the official repository, the malware blends two…

A threat actor with ties to the Democratic People's Republic of Korea (aka North Korea) has been observed leveraging the EtherHiding technique to distribute malware and enable cryptocurrency theft, marking the first time a state-sponsored hacking group has embraced the method. The activity has been attributed by Google Threat Intelligence Group (GTIG) to a threat cluster it tracks as UNC5342,

A financially motivated threat actor codenamed UNC5142 has been observed abusing blockchain smart contracts as a way to facilitate the distribution of information stealers such as Atomic (AMOS), Lumma, Rhadamanthys (aka RADTHIEF), and Vidar, targeting both Windows and Apple macOS systems. "UNC5142 is characterized by its use of compromised WordPress websites and 'EtherHiding,' a technique used

[[{"value":"The tech giant attributed the attacks to Vanilla Tempest, also known as Vice Spider and Vice Society. The post Microsoft Revokes Over 200 Certificates to Disrupt Ransomware Campaign appeared first…

 Cybersecurity professionals are raising alarms over a new wave of phishing emails masquerading as breach notifications from LastPass. These messages warn recipients of an urgent account compromise and urge them…

An investigation into the compromise of an Amazon Web Services (AWS)-hosted infrastructure has led to the discovery of a new GNU/Linux rootkit dubbed LinkPro, according to findings from Synacktiv. "This backdoor features functionalities relying on the installation of two eBPF [extended Berkeley Packet Filter] modules, on the one hand to conceal itself, and on the other hand to be remotely

 Over the past month, a targeted campaign dubbed Operation Silk Lure has surfaced, exploiting the Windows Task Scheduler to deploy a novel variant of ValleyRAT. Emerging in mid-2025, the operation…

 The Qilin ransomware group has emerged as one of the most prolific and dangerous threat actors in the cybersecurity landscape, exploiting sophisticated bulletproof hosting infrastructure to conduct devastating attacks on…

 In recent months, a new advanced persistent threat (APT) group known as Mysterious Elephant has emerged as a formidable adversary targeting government and diplomatic institutions across the Asia-Pacific region. First…

 U.S. Senator Bill Cassidy, Chairman of the Senate Health, Education, Labor, and Pensions (HELP) Committee, has demanded answers from Cisco Systems regarding recent zero-day vulnerabilities in its widely used networking…

 Early October 2025 witnessed the resurgence of a retro phishing technique that exploits legacy Basic Authentication URLs to deceive users into divulging sensitive credentials. Threat actors crafted links in the…