Cybersecurity News

Cybersecurity researchers at Imperva have uncovered a sophisticated large-scale malicious campaign leveraging Python-based bots to compromise PHP web servers. The attack campaign primarily targets Indonesian web infrastructure to promote illegal gambling operations through compromised legitimate websites. GSocket Deployment and Attack Infrastructure The investigation revealed millions of suspicious requests originating from Python clients attempting to install … Read more

Security researchers at Trend Micro have identified a significant security vulnerability (CVE-2025-0411) in the widely-used 7-Zip file archiver that compromises Windows’ Mark of the Web (MotW) security feature. This critical flaw enables potential attackers to circumvent essential Windows security protocols, potentially exposing users to malicious code execution. Understanding Mark of the Web and Its Security … Read more

Cybersecurity researchers have uncovered a sophisticated malware campaign targeting macOS and Linux users through malicious Google Ads that impersonate the popular package manager Homebrew. The campaign deploys the dangerous AmosStealer malware, specifically designed to harvest cryptocurrency wallet credentials and sensitive financial data. Campaign Discovery and Attack Vector Analysis Security researcher Ryan Chenki first identified this … Read more

Security researchers at Socket have identified a significant security threat within the Python Package Index (PyPI), discovering a malicious package that poses a severe risk to Discord application developers. The package, named pycord-self, masquerades as the legitimate discord.py-self library, implementing a sophisticated attack vector that threatens both developer systems and Discord user accounts. Sophisticated Impersonation … Read more

Cybersecurity researchers have identified a sophisticated phishing campaign leveraging public interest in Ross Ulbricht’s clemency petition. The operation, classified as a ClickFix attack (also known as ClearFake or OneDrive Pastejacking), demonstrates an advanced approach to social engineering and malware distribution through PowerShell manipulation. Technical Analysis of the ClickFix Campaign Infrastructure The attack chain, first documented … Read more

A groundbreaking investigation by cybersecurity researchers has unveiled the complex economics of cybercrime markets, analyzing over 20,000 listings across major dark web forums and marketplaces. This comprehensive study provides unprecedented insight into the pricing structures of malicious tools and services, revealing the true operational costs behind modern cyber attacks. Ransomware Dominates the Malware Economy The … Read more

Cybersecurity researchers at Malwarebytes have uncovered a sophisticated phishing campaign specifically targeting Google Ads account owners. The operation demonstrates an advanced level of social engineering by leveraging Google’s own advertising platform and infrastructure to distribute malicious advertisements, making detection particularly challenging. Technical Sophistication of the Attack Vector The attack methodology reveals a deep understanding of … Read more

Cybersecurity researchers have discovered a significant vulnerability in Cloudflare’s Content Delivery Network (CDN) that enables threat actors to determine the approximate geographical location of users on major platforms including Signal, Discord, and X (formerly Twitter). The security flaw, which exploits image caching mechanisms, requires no direct interaction from potential targets, raising serious privacy concerns across … Read more

Security researchers at ESET have uncovered a critical vulnerability (CVE-2024-7344) in UEFI Secure Boot, a fundamental security mechanism designed to protect systems during startup. This severe security flaw enables attackers to deploy malicious bootloaders even when Secure Boot protection is active, potentially compromising system integrity at its most basic level. Understanding the Technical Impact The … Read more

Security researchers at SpearTip have uncovered a sophisticated large-scale brute force attack campaign targeting Microsoft 365 users, achieving an unprecedented 9.7% success rate in account compromises. The attack leverages the high-performance FastHTTP library written in Go to launch rapid-fire attacks against Azure Active Directory Graph API, representing a significant evolution in threat actors’ capabilities. Technical … Read more