A phishing campaign delivered through Google sponsored search results is targeting credentials for ManageWP, GoDaddy’s platform for managing fleets of WordPress websites. […]
Mirai-Based xlabs_v1 Botnet Exploits ADB to Hijack IoT Devices for DDoS Attacks
Cybersecurity researchers have exposed a new Mirai-derived botnet that self-identifies as xlabs_v1 and targets internet-exposed devices running Android Debug Bridge (ADB) to enlist them in a network capable of carrying out distributed denial-of-service (DDoS) attacks.
Hunt.io, which detailed the malware, said it made the discovery after identifying an exposed directory on a Netherlands-hosted
Hunt.io, which detailed the malware, said it made the discovery after identifying an exposed directory on a Netherlands-hosted
Critical vm2 sandbox bug lets attackers execute code on hosts
A critical vulnerability in the popular Node.js sandboxing library vm2 allows escaping the sandbox and executing arbitrary code on the host system. […]
New Cisco DoS flaw requires manual reboot to revive devices
Cisco patched a Crosswork Network Controller and Network Services Orchestrator denial-of-service vulnerability that requires manually rebooting targeted systems for recovery. […]
DAEMON Tools devs confirm breach, release malware-free version
Disc Soft Limited, the maker of DAEMON Tools Lite, confirmed that the software had been trojanized in a supply chain attack and released a new, malware-free version. […]
Autonomous Offensive Security Firm XBOW Raises $35 Million
The company raised another $35 million as an extension to its previously announced Series C funding round.
The post Autonomous Offensive Security Firm XBOW Raises $35 Million appeared first on SecurityWeek.
Why ransomware attacks succeed even when backups exist
Backups don’t fail because they’re missing, they fail because attackers destroy them first. Acronis explains how ransomware targets backup systems before encryption, leaving no path to recovery. […]
Herd Security Raises $3 Million for AI-Powered Training Platform
The startup will invest in expanding its training categories, optimizing video generation, and growing its partnership ecosystem.
The post Herd Security Raises $3 Million for AI-Powered Training Platform appeared first on SecurityWeek.
MuddyWater hackers use Chaos ransomware as a decoy in attacks
The MuddyWater Iranian hackers disguised their operations as a Chaos ransomware attack, relying on Microsoft Teams social engineering to gain access and establish persistence. […]
MuddyWater Uses Microsoft Teams to Steal Credentials in False Flag Ransomware Attack
The Iranian state-sponsored hacking group known as MuddyWater (aka Mango Sandstorm, Seedworm, and Static Kitten) has been attributed to a ransomware attack in what has been described as a “false flag” operation.
The attack, observed by Rapid7 in early 2026, has been found to leverage social engineering techniques via Microsoft Teams to initiate the infection sequence. Although the incident
The attack, observed by Rapid7 in early 2026, has been found to leverage social engineering techniques via Microsoft Teams to initiate the infection sequence. Although the incident