Threat actors used automation to create over 175 malicious NPM packages targeting more than 135 organizations. The post NPM Infrastructure Abused in Phishing Campaign Aimed at Industrial and Electronics Firms appeared first on SecurityWeek.
Two years ago, Americans anxious about the forthcoming 2024 presidential election were considering the malevolent force of an election influencer: artificial intelligence. Over the past several years, we have seen plenty of warning signs from elections worldwide demonstrating how AI can be used to propagate misinformation and alter the politicalRead More »AI and the Future of American Politics
It’s unclear if the new Oracle E-Business Suite flaw, which can be exploited remotely without authentication, has been used in the wild. The post Oracle Patches EBS Vulnerability Allowing Access to Sensitive Data appeared first on SecurityWeek.
Malware campaigns distributing the RondoDox botnet have expanded their targeting focus to exploit more than 50 vulnerabilities across over 30 vendors. The activity, described as akin to an “exploit shotgun” approach, has singled out a wide range of internet-exposed infrastructure, including routers, digital video recorders (DVRs), network video recorders (NVRs),Read More »Researchers Warn RondoDox Botnet is Weaponizing Over 50 Flaws Across 30+ Vendors
Microsoft said it has revamped the Internet Explorer (IE) mode in its Edge browser after receiving “credible reports” in August 2025 that unknown threat actors were abusing the backward compatibility feature to gain unauthorized access to users’ devices. “Threat actors were leveraging basic social engineering techniques alongside unpatched (0-day) exploitsRead More »Microsoft Locks Down IE Mode After Hackers Turned Legacy Feature Into Backdoor
The authorities arrested GoogleXcoder, the alleged administrator of GXC Team, which offered phishing kits and Android malware. The post Spanish Authorities Dismantle ‘GXC Team’ Crime-as-a-Service Operation appeared first on SecurityWeek.
The data allegedly pertains to Albertsons, Engie Resources, Fujifilm, GAP, Qantas, and Vietnam Airlines. The post Extortion Group Leaks Millions of Records From Salesforce Hacks appeared first on SecurityWeek.
Cybersecurity researchers are calling attention to a new campaign that delivers the Astaroth banking trojan that employs GitHub as a backbone for its operations to stay resilient in the face of infrastructure takedowns. “Instead of relying solely on traditional command-and-control (C2) servers that can be taken down, these attackers areRead More »Astaroth Banking Trojan Abuses GitHub to Remain Operational After Takedowns
Cybersecurity researchers have disclosed details of a new Rust-based backdoor called ChaosBot that can allow operators to conduct reconnaissance and execute arbitrary commands on compromised hosts. “Threat actors leveraged compromised credentials that mapped to both Cisco VPN and an over-privileged Active Directory account named, ‘serviceaccount,’” eSentire said in a technicalRead More »New Rust-Based Malware “ChaosBot” Uses Discord Channels to Control Victims’ PCs
Threat actors are evolving too quickly for organizations to keep up.
