Latest Cybersecurity News and Articles

Hackers abuse leaked Shellter red team tool to deploy infostealers

Threat actors have exploited a leaked copy of Shellter Elite v11.0, a commercial AV/EDR evasion tool, to deploy infostealers including Rhadamanthys, Lumma, and Arechclient2.

Cyberattack deals blow to Russian firmware used to repurpose civilian drones for Ukraine war

A sophisticated cyberattack has disrupted the infrastructure used to distribute the “1001” firmware—custom software developed by Russian entities to convert civilian DJI drones for military use in the ongoing conflict in Ukraine.

Hackers Abuse Legitimate Inno Setup Installer to Deliver Malware

The attack begins with a malicious Inno Setup installer that leverages Pascal scripting to execute a series of evasion techniques, including debugger and sandbox detection.

Critical Sudo bugs expose major Linux distros to local root exploits

Researchers disclosed two vulnerabilities (CVE-2025-32462 and CVE-2025-32463) in the Sudo command-line utility for Linux and Unix-like operating systems. Local attackers can exploit them to escalate privileges to root on affected systems.

Researchers Warn of Exposed JDWP Interfaces Targeted for Cryptomining Attacks

Because JDWP lacks authentication and access control mechanisms, exposing the service to the internet opens a new attack vector that attackers can abuse as an entry point, gaining full control over the running Java process.

Cybercriminals jump on .es domain for credential phishing trip

Cybersecurity experts at Cofense reported a 19x increase in malicious campaigns being launched from .es domains, making it the third most common, behind only .com and .ru.

North Korea-linked threat actors spread macOS NimDoor malware via fake Zoom updates

Victims are tricked into installing the malware through phishing links sent via Calendly or Telegram. NimDoor is written in Nim, uses encrypted communications, and steals data like browser history and Keychain credentials.

Ingram Micro confirms ransomware behind multi-day outage

The Safepay ransomware claimed to have accessed sensitive information, including financial statements, intellectual property, accounting records, lawsuits and complaints, personal and customer files, bank details, transactions, etc.

New Hpingbot Exploits Pastebin for Payload Delivery and Uses Hping3 for DDoS Attacks

NSFOCUS Fuying Lab’s Global Threat Hunting System has discovered a new botnet family called “hpingbot” that has been quickly expanding since June 2025, marking a significant shift in the cybersecurity scene.

New technique detects tampering or forgery of a PDF document

With the PDF format being used as a formal means of communication in multiple industries, it has become a good target for criminals who wish to affect contracts or aid in misinformation.
