Blog – Page 651 – Cyber Mike

Over 1,000 SOHO Devices Hacked in China-linked LapDogs Cyber Espionage Campaign

Threat hunters have discovered a network of more than 1,000 compromised small office and home office (SOHO) devices that have been used to facilitate a prolonged cyber espionage infrastructure campaign for China-nexus hacking groups.
The Operational Relay Box (ORB) network has been codenamed LapDogs by SecurityScorecard’s STRIKE team.
“The LapDogs network has a high concentration of victims

Russia’s throttling of Cloudflare makes sites inaccessible

Starting June 9, 2025, Russian internet service providers (ISPs) have begun throttling access to websites and services protected by Cloudflare, an American internet giant. […]

Citrix Bleed 2 flaw now believed to be exploited in attacks

A critical NetScaler ADC and Gateway vulnerability dubbed “Citrix Bleed 2” (CVE-2025-5777) is now likely exploited in attacks, according to cybersecurity firm ReliaQuest, seeing an increase in suspicious sessions on Citrix devices. […]

Critical Citrix Bleed 2 flaw now likely exploited in attacks

In Other News: Norway Dam Hacked, $177M Data Breach Settlement, UNFI Attack Update

Noteworthy stories that might have slipped under the radar: Norwegian dam hacked, AT&T agrees to $177 million data breach settlement, Whole Foods distributor restores systems after attack.

The post In Other News: Norway Dam Hacked, $177M Data Breach Settlement, UNFI Attack Update appeared first on SecurityWeek.

PUBLOAD and Pubshell Malware Used in Mustang Panda’s Tibet-Specific Attack

A China-linked threat actor known as Mustang Panda has been attributed to a new cyber espionage campaign directed against the Tibetan community.
The spear-phishing attacks leveraged topics related to Tibet, such as the 9th World Parliamentarians’ Convention on Tibet (WPCT), China’s education policy in the Tibet Autonomous Region (TAR), and a recently published book by the 14th Dalai Lama,

Microsoft to Preview New Windows Endpoint Security Platform After CrowdStrike Outage

Microsoft is preparing a private preview of new Windows endpoint security platform capabilities to help antimalware vendors create solutions that run outside the kernel.

The post Microsoft to Preview New Windows Endpoint Security Platform After CrowdStrike Outage appeared first on SecurityWeek.

Business Case for Agentic AI SOC Analysts

Security operations centers (SOCs) are under pressure from both sides: threats are growing more complex and frequent, while security budgets are no longer keeping pace. Today’s security leaders are expected to reduce risk and deliver results without relying on larger teams or increased spending.
At the same time, SOC inefficiencies are draining resources. Studies show that up to half of all

Chinese Group Silver Fox Uses Fake Websites to Deliver Sainbox RAT and Hidden Rootkit

A new campaign has been observed leveraging fake websites advertising popular software such as WPS Office, Sogou, and DeepSeek to deliver Sainbox RAT and the open-source Hidden rootkit.
The activity has been attributed with medium confidence to a Chinese hacking group called Silver Fox (aka Void Arachne), citing similarities in tradecraft with previous campaigns attributed to the threat actor.

RevEng.ai Raises $4.15 Million to Secure Software Supply Chain

RevEng.ai has raised $4.15 million in seed funding for an AI platform that automatically detects malicious code and vulnerabilities in software.

The post RevEng.ai Raises $4.15 Million to Secure Software Supply Chain appeared first on SecurityWeek.

Cyber News