SystemBC Botnet Weaponizes Vulnerable VPS for High-Bandwidth Proxies

Threat actors operating the SystemBC botnet are systematically compromising vulnerable virtual private servers (VPS) and converting them into high-throughput proxy relays. According to research by Lumen Technologies, the network sustains roughly 1,500 active bots per day, providing resilient channels to anonymize malicious activity and conceal upstream command-and-control (C2) infrastructure. Scale and Design: A Proxy Botnet …

Fezbox: malicious npm package hides JavaScript payload inside a QR-code image

Researchers at Socket report that the npm package fezbox used an unconventional delivery method: obfuscated JavaScript was embedded inside a QR-code image (JPG) fetched from an attacker-controlled server. Before npm administrators removed the package, it had been downloaded at least 327 times, underscoring the continuing risk of open-source supply chain attacks. BleepingComputer confirms the analysis …

Kali Linux 2025.3 Brings Back Nexmon, Restores Raspberry Pi 5 Support, and Boosts NetHunter for Mobile and Car Hacking

Kali has released its third build of the year, Kali Linux 2025.3, focusing on wireless and mobile offensive capabilities. The update reintroduces Nexmon support—restoring reliable Raspberry Pi 5 operation—adds 10 new tools, and delivers notable improvements to Kali NetHunter, including an updated profile for Samsung S10 and ongoing enhancements for the Car Hacking track. Kali …

Raspberry Pi 500+: NVMe Storage, 16GB RAM, and QMK Keyboard — Security Implications and Hardening Guide

Raspberry Pi is doubling down on the “computer-in-a-keyboard” concept with the Raspberry Pi 500+. Beyond a performance bump, the device introduces changes that directly influence cybersecurity posture, making it more suitable for classrooms, developers, and everyday desktop use—provided it is deployed with robust security controls. Key hardware upgrades: NVMe, 16GB RAM, and dual 4K The …

ShadowV2 Turns Misconfigured Docker and GitHub Codespaces into a DDoS-as-a-Service Platform

Darktrace has profiled ShadowV2, a new DDoS botnet that targets exposed Docker environments and monetizes access through a DDoS‑as‑a‑Service model. The campaign stands out for its use of mainstream DevOps tooling—most notably GitHub Codespaces—as control infrastructure and for emphasizing behavioral stealth over static indicators such as known images or fixed command‑and‑control hosts. Why ShadowV2 is …

Stellantis Confirms Contact Data Exposure Amid Broader Salesforce Ecosystem Threats

Stellantis has disclosed unauthorized access to a third‑party platform that supports its customer service operations in North America. According to the company, attackers accessed a subset of customer contact information, while financial details and other sensitive personal data were not stored on the impacted system. Stellantis has initiated incident response procedures, notified regulators, and is …

Steam removes BlockBlasters after StealC infostealer campaign targeting crypto users

Steam has delisted the game BlockBlasters, published by a developer using the name Genesis Interactive, after researchers uncovered a malicious update that deployed an info‑stealer and backdoor. The campaign led to losses of at least $150,000 and impacted hundreds of users, with one high‑profile victim—streamer RastalandTV—losing $32,000 in donations raised for cancer treatment after installing …

Valve pulls BlockBlasters from Steam after malicious update targets cryptocurrency owners

Valve has alerted Steam users to a compromised build of the game BlockBlasters that was used to steal cryptocurrency from players. The title has been removed from the Steam store. Users who launched the game recently are urged to perform immediate security checks to limit potential loss of digital assets. Malicious update on Steam: how …

CVE-2025-10035 Zero‑Day in Fortra GoAnywhere MFT: Active Exploitation and What Security Teams Should Do Now

Threat actors are actively exploiting CVE-2025-10035, a CVSS 10.0 vulnerability in Fortra GoAnywhere MFT that enables unauthenticated remote command execution. Evidence indicates compromises began at least eight days before the vendor’s security advisory, underscoring the urgency to patch and reduce exposure. Fortra has released fixes, but unpatched deployments remain at high risk. What is CVE-2025-10035 …

Malicious Rust crates on Crates.io siphon developer secrets via Cloudflare Workers

Two malicious Rust packages on Crates.io—faster_log and async_println—were removed after collecting roughly 8,500 downloads and quietly harvesting private keys and other developer secrets, according to threat intelligence from Socket. Published on 25 May 2025, the crates embedded runtime code to scan local environments and source trees, then exfiltrated findings to a hardcoded Cloudflare Workers endpoint. …