Skip to content
Threat Note Threat Note

Aggregating Cyber Insights

  • Articles
  • Breaches
  • Learning
  • News
  • Podcast
  • Research
  • Toolkit
  • Vulnerabilities
  • Webinars
  • About Us

Vulnerabilities

  • Home
  • Vulnerabilities
From Cybersecurity Help – Cyber Security Week in Review: November 7, 2025
Posted inVulnerabilities

From Cybersecurity Help – Cyber Security Week in Review: November 7, 2025

In brief: Threat actors exploit multiple Cisco flaws, Sandworm launched multiple data-wiping cyberattacks against Ukraine, and more.  ​ Read More  ​ 
Posted by Samir K November 7, 2025
From Cybersecurity Help – SonicWall confirms state-sponsored hackers behind September security breach
Posted inVulnerabilities

From Cybersecurity Help – SonicWall confirms state-sponsored hackers behind September security breach

Еhe malicious activity was limited to unauthorized access of cloud backup files from a specific cloud environment via an API callю  ​ Read More  ​ 
Posted by Samir K November 6, 2025
From Cybersecurity Help – PROMPTFLUX VBS malware uses AI model API to rewrite its own code
Posted inVulnerabilities

From Cybersecurity Help – PROMPTFLUX VBS malware uses AI model API to rewrite its own code

PROMPTFLUX is written in VBScript and uses a hard-coded API key to query Google’s Gemini model.  ​ Read More  ​ 
Posted by Samir K November 5, 2025
From Cybersecurity Help – Iran-linked UNK_SmudgedSerpent hackers target academics and policy experts amid regional tensions
Posted inVulnerabilities

From Cybersecurity Help – Iran-linked UNK_SmudgedSerpent hackers target academics and policy experts amid regional tensions

The campaign’s TTPs bear strong resemblance to known Iranian cyber espionage groups, including TA455, Charming Kitten, and MuddyWater.  ​ Read More  ​ 
Posted by Samir K November 5, 2025
From Cybersecurity Help – Three former cybersecurity employees indicted in BlackCat ransomware scheme
Posted inVulnerabilities

From Cybersecurity Help – Three former cybersecurity employees indicted in BlackCat ransomware scheme

The trio acted as affiliates of the BlackCat ransomware gang, breaching corporate networks, stealing sensitive data, encrypting systems, and demanding ransom payments.  ​ Read More  ​ 
Posted by Samir K November 5, 2025
From Cybersecurity Help – US sanctions North Korean companies and individuals over cybercrime money laundering
Posted inVulnerabilities

From Cybersecurity Help – US sanctions North Korean companies and individuals over cybercrime money laundering

The sanctions are part of a broader effort to curb North Korea’s global financial network that support the regime’s weapons development.  ​ Read More  ​ 
Posted by Samir K November 5, 2025
From Cybersecurity Help – Russian-linked group abuses Hyper-V to hide malware in Linux VM
Posted inVulnerabilities

From Cybersecurity Help – Russian-linked group abuses Hyper-V to hide malware in Linux VM

The attackers deployed two custom tools CurlyShell and CurlCat designed for remote code execution and covert communications.  ​ Read More  ​ 
Posted by Samir K November 4, 2025
From Cybersecurity Help – Balancer suffers $128M DeFi exploit in one of 2025’s largest crypto heists
Posted inVulnerabilities

From Cybersecurity Help – Balancer suffers $128M DeFi exploit in one of 2025’s largest crypto heists

The company disclosed that the exploit specifically targeted its V2 Composable Stable Pools.  ​ Read More  ​ 
Posted by Samir K November 4, 2025
From Cybersecurity Help – Threat actors use Tor-enabled OpenSSH backdoor in attacks on Russia and Belarus
Posted inVulnerabilities

From Cybersecurity Help – Threat actors use Tor-enabled OpenSSH backdoor in attacks on Russia and Belarus

The malware deploys a complex infrastructure that combines OpenSSH for Windows with a customized Tor hidden service.  ​ Read More  ​ 
Posted by Samir K November 4, 2025
From Cybersecurity Help – New SesameOp backdoor uses OpenAI Assistants API for C&C
Posted inVulnerabilities

From Cybersecurity Help – New SesameOp backdoor uses OpenAI Assistants API for C&C

The infection chain uses a loader and a .NET-based backdoor component that leverages OpenAI as a C&C channel.  ​ Read More  ​ 
Posted by Samir K November 4, 2025
From Cybersecurity Help – Cybercriminals target trucking industry with remote access software to steal cargo
Posted inVulnerabilities

From Cybersecurity Help – Cybercriminals target trucking industry with remote access software to steal cargo

Attackers have used a combination of spear-phishing emails, hijacked business conversations, and compromised accounts to post fake freight listings on load boards.  ​ Read More  ​ 
Posted by Samir K November 3, 2025
From Cybersecurity Help – Tests reveal Chinese electric buses in Norway can be remotely disabled
Posted inVulnerabilities

From Cybersecurity Help – Tests reveal Chinese electric buses in Norway can be remotely disabled

Ruter confirmed that the Chinese company has access to the bus’s software updates, diagnostics, and battery systems.  ​ Read More  ​ 
Posted by Samir K November 3, 2025
From Cybersecurity Help – North Korea-linked Kimsuky uses new HttpTroy backdoor in attacks against South Korea
Posted inVulnerabilities

From Cybersecurity Help – North Korea-linked Kimsuky uses new HttpTroy backdoor in attacks against South Korea

The malicious campaign used a ZIP attachment, which masqueraded as a VPN invoice.  ​ Read More  ​ 
Posted by Samir K November 3, 2025
From Cybersecurity Help – Ongoing BadCandy attacks target Cisco IOS XE vulnerability
Posted inVulnerabilities

From Cybersecurity Help – Ongoing BadCandy attacks target Cisco IOS XE vulnerability

BadCandy grants attackers root-level command execution on compromised systems.  ​ Read More  ​ 
Posted by Samir K November 3, 2025
From Cybersecurity Help – Cyber Security Week in Review: October 31, 2025
Posted inVulnerabilities

From Cybersecurity Help – Cyber Security Week in Review: October 31, 2025

In brief: Microsoft patches a WSUS flaw, a major US telecom supplier compromised by nation-state hackers, and more.  ​ Read More  ​ 
Posted by Samir K October 31, 2025

Posts pagination

1 2 3 … 88 Next page

Latest Posts

  • From Security Week – Many Forbes AI 50 Companies Leak Secrets on GitHubNovember 10, 2025
  • From Cyber Security News – Chinese Cybersecurity Firm Data Breach Exposes State-Sponsored Hackers Cyber Weapons and Target ListNovember 10, 2025
  • From Dark Reading – ClickFix Campaign Targets Hotels, Spurs Secondary Customer AttacksNovember 10, 2025
  • From Cyber Security News – OWASP Top 10 2025 – Revised Version Released With Two New CategoriesNovember 10, 2025
  • From Cyber Security News – Incident Response Team (ShieldForce) Partners with AccuKnox for Zero Trust CNAPP in Latin AmericaNovember 10, 2025