Hackvolt — IT Security News, Cybersecurity & Research & Security Audits

Researchers Null-Route Over 550 Kimwolf and Aisuru Botnet Command Servers

NEWSJanuary 14, 202608 mins

The Black Lotus Labs team at Lumen Technologies said it null-routed traffic to more than 550 command-and-control (C2) nodes associated…

Hackers Exploit c-ares DLL Side-Loading to Bypass Security and Deploy Malware

NEWSJanuary 14, 202609 mins

Security experts have disclosed details of an active malware campaign that’s exploiting a DLL side-loading vulnerability in a legitimate binary…

New Research: 64% of 3rd-Party Applications Access Sensitive Data Without Justification

NEWSJanuary 14, 2026011 mins

Research analyzing 4,700 leading websites reveals that 64% of third-party applications now access sensitive data without business justification, up from…

Malicious Chrome Extension Steals MEXC API Keys by Masquerading as Trading Tool

NEWSJanuary 13, 202606 mins

Cybersecurity researchers have disclosed details of a malicious Google Chrome extension that’s capable of stealing API keys associated with MEXC,…

ServiceNow Patches Critical AI Platform Flaw Allowing Unauthenticated User Impersonation

NEWSJanuary 13, 202603 mins

ServiceNow has disclosed details of a now-patched critical security flaw impacting its ServiceNow AI Platform that could enable an unauthenticated…

What Should We Learn From How Attackers Leveraged AI in 2025?

NEWSJanuary 13, 202606 mins

Old Playbook, New Scale: While defenders are chasing trends, attackers are optimizing the basics The security industry loves talking about…

⚡ Weekly Recap: AI Automation Exploits, Telecom Espionage, Prompt Poaching & More

NEWSJanuary 12, 2026037 mins

This week made one thing clear: small oversights can spiral fast. Tools meant to save time and reduce friction turned…

MuddyWater Launches RustyWater RAT via Spear-Phishing Across Middle East Sectors

NEWSJanuary 10, 202603 mins

The Iranian threat actor known as MuddyWater has been attributed to a spear-phishing campaign targeting diplomatic, maritime, financial, and telecom…

Europol Arrests 34 Black Axe Members in Spain Over €5.9M Fraud and Organized Crime

NEWSJanuary 10, 202603 mins

Europol on Friday announced the arrest of 34 individuals in Spain who are alleged to be part of an international…

Trend Micro Apex Central RCE Flaw Scores 9.8 CVSS in On-Prem Windows Versions

NEWSJanuary 9, 202603 mins

Trend Micro has released security updates to address multiple security vulnerabilities impacting on-premise versions of Apex Central for Windows, including…

Hackvolt — IT Security News

Researchers Null-Route Over 550 Kimwolf and Aisuru Botnet Command Servers

Hackers Exploit c-ares DLL Side-Loading to Bypass Security and Deploy Malware

New Research: 64% of 3rd-Party Applications Access Sensitive Data Without Justification

Malicious Chrome Extension Steals MEXC API Keys by Masquerading as Trading Tool

ServiceNow Patches Critical AI Platform Flaw Allowing Unauthenticated User Impersonation

What Should We Learn From How Attackers Leveraged AI in 2025?

Researchers Null-Route Over 550 Kimwolf and Aisuru Botnet Command Servers

Hackers Exploit c-ares DLL Side-Loading to Bypass Security and Deploy Malware

New Research: 64% of 3rd-Party Applications Access Sensitive Data Without Justification

Malicious Chrome Extension Steals MEXC API Keys by Masquerading as Trading Tool

ServiceNow Patches Critical AI Platform Flaw Allowing Unauthenticated User Impersonation

What Should We Learn From How Attackers Leveraged AI in 2025?

⚡ Weekly Recap: AI Automation Exploits, Telecom Espionage, Prompt Poaching & More

MuddyWater Launches RustyWater RAT via Spear-Phishing Across Middle East Sectors

Europol Arrests 34 Black Axe Members in Spain Over €5.9M Fraud and Organized Crime

Trend Micro Apex Central RCE Flaw Scores 9.8 CVSS in On-Prem Windows Versions

U.S. Sanctions Garantex and Grinex Over $100M in Ransomware-Linked Illicit Crypto Transactions

WrtHug Exploits Six ASUS WRT Flaws to Hijack Tens of Thousands of EoL Routers Worldwide

New Sni5Gect Attack Crashes Phones and Downgrades 5G to 4G without Rogue Base Station

RaccoonO365 Phishing Network Dismantled as Microsoft, Cloudflare Take Down 338 Domains

Microsoft Mitigates Record 5.72 Tbps DDoS Attack Driven by AISURU Botnet

Tomiris Shifts to Public-Service Implants for Stealthier C2 in Attacks on Government Targets

Researchers Find Malicious VS Code, Go, npm, and Rust Packages Stealing Developer Data

New Win-DDoS Flaws Let Attackers Turn Public Domain Controllers into DDoS Botnet via RPC, LDAP

You May Have Missed