Latest Cybersecurity News and Articles

Dark Partners cybercrime gang fuels large-scale crypto heists

The "Dark Partners" group is conducting a global crypto theft campaign using fake websites mimicking popular AI, VPN, and crypto apps. These sites distribute Poseidon (macOS) and Lumma (Windows) infostealers, along with the PayDay Loader malware.

Botnet hacks 9,000+ ASUS routers to add persistent SSH backdoor

A novel botnet campaign dubbed AyySSHush has compromised over 9,000 ASUS routers, including models RT-AC3100, RT-AC3200, and RT-AX55. The campaign leverages brute-force attacks, authentication bypass, and exploitation of known vulnerabilities.

XenServer Windows VM Tools Flaw Enables Attackers to Run Arbitrary Code

Citrix has disclosed three high-severity vulnerabilities (CVE-2025-27462, CVE-2025-27463, CVE-2025-27464) in XenServer VM Tools for Windows, enabling attackers to escalate privileges within guest Windows VMs.

Data broker giant LexisNexis says breach exposed personal information of over 364,000 people

LexisNexis Risk Solutions has disclosed a significant data breach that compromised the personal information of over 364,000 individuals. The breach involved unauthorized access to a third-party software development platform used by the company.

Threat Actors Weaponizing DCOM to harvest credentials on Windows systems

A new stealthy attack technique is leveraging Distributed Component Object Model (DCOM) objects on Windows systems to harvest credentials without deploying payloads or triggering traditional security alerts.

Phishing Campaign Spoofs Coursera to Steal Facebook Credentials via Fake Meta Certificate Offer

A sophisticated phishing campaign has been uncovered that impersonates Coursera and offers a free Meta Social Media Marketing certificate to lure victims into a multi-stage phishing trap.

Zanubis Android Banking Trojan Evolves with Silent Installation and Credential Theft Capabilities

Zanubis is a sophisticated Android banking Trojan active since 2022, targeting Peruvian financial institutions. It masquerades as legitimate apps to trick users into granting accessibility permissions, enabling full device control.

251 Amazon-Hosted IPs Used in Exploit Scan Targeting ColdFusion, Struts, and Elasticsearch

Researchers observed a coordinated cloud-based scanning operation involving 251 Amazon-hosted IP addresses geolocated in Japan. The scans targeted 75 known exposure points across various technologies, exploiting multiple high-severity vulnerabilities.

Crooks use a fake antivirus site to spread Venom RAT and a mix of malware

A malicious campaign is distributing Venom RAT via a fake Bitdefender website (bitdefender-download[.]com), tricking users into downloading malware disguised as antivirus software.
