An ASUS Live Update vulnerability tracked as CVE-2025-59374 has been making the rounds in infosec feeds, with some headlines implying recent or ongoing exploitation. A closer look, however, shows the CVE documents a historic supply-chain attack in an End-of-Life (EoL) software product, not a new attack. […]
Ukrainian Nefilim Ransomware Affiliate Pleads Guilty in US
Artem Stryzhak pleaded guilty to conspiracy to commit computer fraud after he was extradited earlier this year.
The post Ukrainian Nefilim Ransomware Affiliate Pleads Guilty in US appeared first on SecurityWeek.
Ukrainian hacker admits affiliate role in Nefilim ransomware gang
A Ukrainian national pleaded guilty on Friday to conducting Nefilim ransomware attacks that targeted high-revenue businesses across the United States and other countries. […]
WatchGuard Patches Firebox Zero-Day Exploited in the Wild
The critical-severity bug in the Fireware OS’s iked process leads to unauthenticated remote code execution.
The post WatchGuard Patches Firebox Zero-Day Exploited in the Wild appeared first on SecurityWeek.
UK Government Acknowledges It Is Investigating Cyber Incident After Media Reports
The British government is investigating a “cyber incident” following news reports that hackers linked to China have gained access to thousands of confidential documents.
The post UK Government Acknowledges It Is Investigating Cyber Incident After Media Reports appeared first on SecurityWeek.
Critical RCE flaw impacts over 115,000 WatchGuard firewalls
Over 115,000 WatchGuard Firebox devices exposed online remain unpatched against a critical remote code execution (RCE) vulnerability actively exploited in attacks. […]
Android Malware Operations Merge Droppers, SMS Theft, and RAT Capabilities at Scale
Threat actors have been observed leveraging malicious dropper apps masquerading as legitimate applications to deliver an Android SMS stealer dubbed Wonderland in mobile attacks targeting users in Uzbekistan.
“Previously, users received ‘pure’ Trojan APKs that acted as malware immediately upon installation,” Group-IB said in an analysis published last week. “Now, adversaries increasingly deploy
Docker Hardened Images now open source and available for free
More than 1,000 Docker Hardened Images (DHI) are now freely available and open source for software builders, under the Apache 2.0 license. […]
Iranian Infy APT Resurfaces with New Malware Activity After Years of Silence
Threat hunters have discerned new activity associated with an Iranian threat actor known as Infy (aka Prince of Persia), nearly five years after the hacking group was observed targeting victims in Sweden, the Netherlands, and Turkey.
“The scale of Prince of Persia’s activity is more significant than we originally anticipated,” Tomer Bar, vice president of security research at SafeBreach, said
RansomHouse upgrades encryption with multi-layered data processing
The RansomHouse ransomware-as-a-service (RaaS) has recently upgraded its encryptor, switching from a relatively simple single-phase linear technique to a more complex, multi-layered method. […]
