In 2022, we published our research examining how IT specialists look for work on the dark web. Since then, the job market has shifted, along with the expectations and requirements placed on professionals. However, recruitment and headhunting on the dark web remain active. So, what does this job market lookRead More »Inside the dark web job market
CTM360 has identified a rapidly expanding WhatsApp account-hacking campaign targeting users worldwide via a network of deceptive authentication portals and impersonation pages. The campaign, internally dubbed HackOnChat, abuses WhatsApp’s familiar web interface, using social engineering tactics to trick users into compromising their accounts. Investigators identified thousands of malicious URLs
Cybersecurity researchers have disclosed details of a new Android banking trojan called Sturnus that enables credential theft and full device takeover to conduct financial fraud. “A key differentiator is its ability to bypass encrypted messaging,” ThreatFabric said in a report shared with The Hacker News. “By capturing content directly fromRead More »New Sturnus Android Trojan Quietly Captures Encrypted Chats and Hijacks Devices
A proof-of-concept (PoC) exploit targeting the high-severity remote code execution (RCE) bug exists. The post Recent 7-Zip Vulnerability Exploited in Attacks appeared first on SecurityWeek.
Introduction Tsundere is a new botnet, discovered by our Kaspersky GReAT around mid-2025. We have correlated this threat with previous reports from October 2024 that reveal code similarities, as well as the use of the same C2 retrieval method and wallet. In that instance, the threat actor created malicious Node.jsRead More »Blockchain and Node.js abused by Tsundere: an emerging botnet
Threat actors with ties to Iran engaged in cyber warfare as part of efforts to facilitate and enhance physical, real-world attacks, a trend that Amazon has called cyber-enabled kinetic targeting. The development is a sign that the lines between state-sponsored cyber attacks and kinetic warfare are increasingly blurring, necessitating theRead More »Iran-Linked Hackers Mapped Ship AIS Data Days Before Real-World Missile Strike Attempt
SolarWinds Serv-U is affected by vulnerabilities that can be exploited for remote code execution. The post SolarWinds Patches Three Critical Serv-U Vulnerabilities appeared first on SecurityWeek.
Threat actors are leveraging bogus installers masquerading as popular software to trick users into installing malware as part of a global malvertising campaign dubbed TamperedChef. The end goal of the attacks is to establish persistence and deliver JavaScript malware that facilitates remote access and control, per a new report fromRead More »TamperedChef Malware Spreads via Fake Software Installers in Ongoing Global Campaign
The move to acquire Chronosphere is the latest of several acquisitions in recent years and follows a massive $25 billion deal to acquire CyberArk. The post Palo Alto Networks to Acquire Observability Platform Chronosphere in $3.35 Billion Deal appeared first on SecurityWeek.
In the race to secure cloud infrastructure, intrusion prevention systems (IPS) remain one of the most critical yet complex at the cloud network layer of defense. For many organizations, deploying IPS in the cloud is a balancing act between agility and control.
