Skip to content
CountLoader Broadens Russian Ransomware Operations With Multi-Version Malware Loader

CountLoader Broadens Russian Ransomware Operations With Multi-Version Malware Loader

Cybersecurity researchers have discovered a new malware loader codenamed CountLoader that has been put to use by Russian ransomware gangs to deliver post-exploitation tools like Cobalt Strike and AdaptixC2, and a remote access trojan known as PureHVNC RAT. “CountLoader is being used either as part of an Initial Access Broker’sRead More »CountLoader Broadens Russian Ransomware Operations With Multi-Version Malware Loader

Tiffany Data Breach Impacts Thousands of Customers

The high-end jewelry retailer is informing customers in the United States and Canada that hackers accessed information related to gift cards. The post Tiffany Data Breach Impacts Thousands of Customers appeared first on SecurityWeek.

SilentSync RAT Delivered via Two Malicious PyPI Packages Targeting Python Developers

SilentSync RAT Delivered via Two Malicious PyPI Packages Targeting Python Developers

Cybersecurity researchers have discovered two new malicious packages in the Python Package Index (PyPI) repository that are designed to deliver a remote access trojan called SilentSync on Windows systems. “SilentSync is capable of remote command execution, file exfiltration, and screen capturing,” Zscaler ThreatLabz’s Manisha Ramcharan Prajapati and Satyam Singh said.Read More »SilentSync RAT Delivered via Two Malicious PyPI Packages Targeting Python Developers

Threat Actor Infests Hotels With New RAT

RevengeHotels has been targeting hotels in Brazil and Spanish-speaking regions with VenomRAT implants in 2025. The post Threat Actor Infests Hotels With New RAT appeared first on SecurityWeek.

Time-of-Check Time-of-Use Attacks Against LLMs

This is a nice piece of research: “Mind the Gap: Time-of-Check to Time-of-Use Vulnerabilities in LLM-Enabled Agents“.: Abstract: Large Language Model (LLM)-enabled agents are rapidly emerging across a wide range of applications, but their deployment introduces vulnerabilities with security implications. While prior work has examined prompt-based attacks (e.g., prompt injection)Read More »Time-of-Check Time-of-Use Attacks Against LLMs

Israeli Cyber Fund Glilot Capital Raises $500 Million

The top-performing venture fund heavily invests in startups building cybersecurity, AI, and enterprise software. The post Israeli Cyber Fund Glilot Capital Raises $500 Million appeared first on SecurityWeek.

Chrome 140 Update Patches Sixth Zero-Day of 2025

An exploited type confusion in the V8 JavaScript engine tracked as CVE-2025-10585 was found by Google Threat Analysis Group this week. The post Chrome 140 Update Patches Sixth Zero-Day of 2025 appeared first on SecurityWeek.

Copyright © 2025 infosecintel.net