Google has filed a lawsuit against the anonymous operators of the Android BadBox 2.0 malware botnet, accusing them of running a global ad fraud scheme against the company’s advertising platforms. […]
LameHug malware uses AI LLM to craft Windows data-theft commands in real-time
A novel malware family named LameHug is using a large language model (LLM) to generate commands to be executed on compromised Windows systems. […]
Hackers Use GitHub Repositories to Host Amadey Malware and Data Stealers, Bypassing Filters
Threat actors are leveraging public GitHub repositories to host malicious payloads and distribute them via Amadey as part of a campaign observed in April 2025.
“The MaaS [malware-as-a-service] operators used fake GitHub accounts to host payloads, tools, and Amadey plug-ins, likely as an attempt to bypass web filtering and for ease of use,” Cisco Talos researchers Chris Neal and Craig Jackson
“The MaaS [malware-as-a-service] operators used fake GitHub accounts to host payloads, tools, and Amadey plug-ins, likely as an attempt to bypass web filtering and for ease of use,” Cisco Talos researchers Chris Neal and Craig Jackson
Watch on Demand: Cloud & Data Security Summit – Tackling Exposed Attack Surfaces in the Cloud
Virtual event brings together leading experts, practitioners, and innovators for a full day of insightful discussions and tactical guidance on evolving threats and real-world defense strategies in cloud security.
The post Watch on Demand: Cloud & Data Security Summit – Tackling Exposed Attack Surfaces in the Cloud appeared first on SecurityWeek.
Hacker steals $27 million in BigONE exchange crypto breach
Cryptocurrency exchange BigONE announced that it suffered a security breach, in which hackers stole various digital assets valued at $27 million. […]
Chinese hackers breached National Guard to steal network configurations
The Chinese state-sponsored hacking group known as Salt Typhoon breached and remained undetected in a U.S. Army National Guard network for nine months in 2024, stealing network configuration files and administrator credentials that could be used to compromise other government networks. […]
Max severity Cisco ISE bug allows pre-auth command execution, patch now
A critical vulnerability (CVE-2025-20337) in Cisco’s Identity Services Engine (ISE) could be exploited to let an unauthenticated attacker store malicious files, execute arbitrary code, or gain root privileges on vulnerable devices. […]
Hackers Exploit Apache HTTP Server Flaw to Deploy Linuxsys Cryptocurrency Miner
Cybersecurity researchers have discovered a new campaign that exploits a known security flaw impacting Apache HTTP Server to deliver a cryptocurrency miner called Linuxsys.
The vulnerability in question is CVE-2021-41773 (CVSS score: 7.5), a high-severity path traversal vulnerability in Apache HTTP Server version 2.4.49 that could result in remote code execution.
“The attacker leverages
The vulnerability in question is CVE-2021-41773 (CVSS score: 7.5), a high-severity path traversal vulnerability in Apache HTTP Server version 2.4.49 that could result in remote code execution.
“The attacker leverages
Empirical Security Raises $12 Million for AI-Driven Vulnerability Management
Cybersecurity startup Empirical Security has raised $12 million in seed funding for its vulnerability management platform.
The post Empirical Security Raises $12 Million for AI-Driven Vulnerability Management appeared first on SecurityWeek.
Armenian Man Extradited to US Over Ryuk Ransomware Attacks
Karen Serobovich Vardanyan pleaded not guilty to charges related to his alleged role in the Ryuk ransomware operation.
The post Armenian Man Extradited to US Over Ryuk Ransomware Attacks appeared first on SecurityWeek.