ShadowV2: New Mirai-Based IoT Botnet Targets D-Link and TP-Link Devices for DDoS Attacks

A research team at FortiGuard Labs has identified a new Mirai-based IoT botnet named ShadowV2, which weaponizes routers, network video recorders (NVRs) and NAS systems for large-scale DDoS attacks. The botnet exploits at least eight known vulnerabilities in products from D-Link, TP-Link and several other vendors, posing a threat to both home networks and enterprise …

GreyNoise IP Check: How to Find Out If Your IP Address Is in a Botnet or Residential Proxy Network

Public IP addresses of home users and small businesses are increasingly abused as part of botnets and residential proxy networks, often without the owner’s knowledge. To help detect this kind of hidden misuse, GreyNoise has launched a free online service called GreyNoise IP Check, which evaluates whether a given public IP has been observed in …

OnSolve CodeRED Ransomware Attack Exposes Risks to US Emergency Alert Systems

A significant cybersecurity incident has hit the OnSolve CodeRED platform, a mass notification system widely used by US state and local governments for emergency alerts. The ransomware group INC, operating under a Ransomware-as-a-Service (RaaS) model, has claimed responsibility. The attack disrupted emergency notification workflows and led to the compromise of personal data belonging to CodeRED …

OpenAI Confirms Mixpanel Analytics Breach: What API Customers Need to Know

OpenAI has disclosed a security incident at its third‑party analytics provider Mixpanel, used to track user behaviour in the frontend of products built on the OpenAI API. The breach led to exposure of certain user data, but OpenAI’s own infrastructure and core systems were not directly compromised. Who Was Affected by the OpenAI–Mixpanel Data Leak …

Asus Patches Critical AiCloud Vulnerability CVE-2025-59366 in Home Routers

Asus has released new firmware updates for its consumer routers that address nine security vulnerabilities, including a critical AiCloud authentication bypass tracked as CVE-2025-59366. The flaw allows remote attackers to perform actions on the router without logging in as an administrator, putting both stored files and network configuration at direct risk. AiCloud: Remote Access Feature …

Shai-Hulud Malware Spreads from npm to Maven Central in New Supply Chain Attack

The Shai-Hulud malware, initially associated with the npm ecosystem, has now been detected in another core open source repository: Maven Central. This cross-ecosystem move significantly broadens the scope of the ongoing software supply chain campaign and raises the risk for developers working with both JavaScript and Java. Shai-Hulud Detected in Maven Central via mvnpm-Generated Package …

Fluent Bit Vulnerabilities Put Kubernetes and Cloud Logging at Risk

Five newly disclosed vulnerabilities in Fluent Bit — one of the most widely deployed logging and metrics agents — can be chained to compromise entire cloud environments and Kubernetes clusters. According to research by Oligo Security and an associated CERT/CC advisory, successful exploitation gives attackers control over the observability layer, enabling deep, stealthy access into …

Tsundere Web3 Botnet Abuses Ethereum Smart Contracts to Control Windows Infections

A newly identified Windows botnet dubbed Tsundere is demonstrating how quickly cybercriminals are adopting Web3 technologies. The malware masquerades as installers for popular online games and uses Ethereum smart contracts to manage its command-and-control (C2) servers, significantly complicating detection and takedown efforts. Tsundere botnet targets Windows gamers in Latin America Current telemetry indicates that Tsundere …

HashJack Attack: How URL Fragments Turn AI Browser Assistants into a New Attack Surface

The rapid integration of AI assistants into web browsers — from Copilot in Microsoft Edge and Gemini in Google Chrome to Comet by Perplexity — has made it easy to summarize, analyze, and interact with web content. Research by Cato Networks now shows that these capabilities also introduce a new attack class, dubbed HashJack, which …

Samourai Wallet Founders Sentenced: Impact on Bitcoin Mixers, Crypto Privacy and AML Compliance

The founders of Samourai Wallet and its integrated bitcoin mixing service Whirlpool have received prison sentences in the United States, marking one of the most high‑profile enforcement actions against a privacy‑focused cryptocurrency wallet to date. According to the U.S. Department of Justice (DOJ), the platform was used to launder more than $237 million in cryptocurrency …