Blog – Page 821 – Cyber Mike

Researchers Uncover 46 Critical Flaws in Solar Inverters From Sungrow, Growatt, and SMA

Cybersecurity researchers have disclosed 46 new security flaws in products from three solar inverter vendors, Sungrow, Growatt, and SMA, that could be exploited by a bad actor to seize control of devices or execute code remotely, posing severe risks to electrical grids.
The vulnerabilities have been collectively codenamed SUN:DOWN by Forescout Vedere Labs.
“The new vulnerabilities can be

Critical Condition: Legacy Medical Devices Remain Easy Targets for Ransomware

Analysis found that 99% of healthcare organizations are vulnerable to publicly available exploits.

The post Critical Condition: Legacy Medical Devices Remain Easy Targets for Ransomware appeared first on SecurityWeek.

9-Year-Old NPM Crypto Package Hijacked for Information Theft

Nearly a dozen crypto packages on NPM, including one published 9 years ago, have been hijacked to deliver infostealers.

The post 9-Year-Old NPM Crypto Package Hijacked for Information Theft appeared first on SecurityWeek.

In Other News: Hellcat Hackers Unmasked, CrushFTP Bug Controversy, NYU Hacked

Noteworthy stories that might have slipped under the radar: Key members of Hellcat ransomware group identified, controversy around CrushFTP flaw CVE, NYU website hacked and defaced.

The post In Other News: Hellcat Hackers Unmasked, CrushFTP Bug Controversy, NYU Hacked appeared first on SecurityWeek.

CoffeeLoader Uses GPU-Based Armoury Packer to Evade EDR and Antivirus Detection

Cybersecurity researchers are calling attention to a new sophisticated malware called CoffeeLoader that’s designed to download and execute secondary payloads.
The malware, according to Zscaler ThreatLabz, shares behavioral similarities with another known malware loader known as SmokeLoader.
“The purpose of the malware is to download and execute second-stage payloads while evading

Microsoft fixes Remote Desktop issues caused by Windows updates

Microsoft has fixed a known issue that caused problems with Remote Desktop and RDS connections after installing Windows updates released since January 2025. […]

New Issuance Requirements Improve HTTPS Certificate Validation

HTTPS certificate issuance now requires Multi-Perspective Issuance Corroboration and linting to improve validation.

The post New Issuance Requirements Improve HTTPS Certificate Validation appeared first on SecurityWeek.

Morphing Meerkat Phishing Kits Target Over 100 Brands

A threat actor tracked as Morphing Meerkat abuses DNS mail exchange (MX) records to deliver spoofed login pages.

The post Morphing Meerkat Phishing Kits Target Over 100 Brands appeared first on SecurityWeek.

Fresh Grandoreiro Banking Trojan Campaigns Target Latin America, Europe

The Grandoreiro banking trojan has reemerged in new campaigns targeting users in Latin America and Europe.

The post Fresh Grandoreiro Banking Trojan Campaigns Target Latin America, Europe appeared first on SecurityWeek.

Product Walkthrough: How Datto BCDR Delivers Unstoppable Business Continuity

Long gone are the days when a simple backup in a data center was enough to keep a business secure. While backups store information, they do not guarantee business continuity during a crisis. With IT disasters far too common and downtime burning through budgets, modern IT environments require solutions that go beyond storage and enable instant recovery to minimize downtime and data loss. This is

Cyber News