UNC6384 Deploys PlugX via Captive Portal Hijacks and Valid Certificates Targeting Diplomats
A China-nexus threat actor known as UNC6384 has been attributed to a set of attacks targeting diplomats in Southeast Asia…
August 2025
Malicious Go Module Poses as SSH Brute-Force Tool, Steals Credentials via Telegram Bot
Cybersecurity researchers have discovered a malicious Go module that presents itself as a brute-force tool for SSH but actually contains…
GeoServer Exploits, PolarEdge, and Gayfemboy Push Cybercrime Beyond Traditional Botnets
Cybersecurity researchers are calling attention to multiple campaigns that leverage known security vulnerabilities and expose Redis servers to various malicious…
Linux Malware Delivered via Malicious RAR Filenames Evades Antivirus Detection
Cybersecurity researchers have shed light on a novel attack chain that employs phishing emails to deliver an open-source backdoor called…
INTERPOL Arrests 1,209 Cybercriminals Across 18 African Nations in Global Crackdown
INTERPOL on Friday announced that authorities from 18 countries across Africa have arrested 1,209 cybercriminals who targeted 88,000 victims. “The…
Automation Is Redefining Pentest Delivery
Pentesting remains one of the most effective ways to identify real-world security weaknesses before adversaries do. But as the threat…
Chinese Hackers Murky, Genesis, and Glacial Panda Escalate Cloud and Telecom Espionage
Cybersecurity researchers are calling attention to malicious activity orchestrated by a China-nexus cyber espionage group known as Murky Panda that…
Automation Is Redefining Pentest Delivery
Pentesting remains one of the most effective ways to identify real-world security weaknesses before adversaries do. But as the threat…
Ex-Developer Jailed Four Years for Sabotaging Ohio Employer with Kill-Switch Malware
A 55-year-old Chinese national has been sentenced to four years in prison and three years of supervised release for sabotaging…
Cybercriminals Deploy CORNFLAKE.V3 Backdoor via ClickFix Tactic and Fake CAPTCHA Pages
Threat actors have been observed leveraging the deceptive social engineering tactic known as ClickFix to deploy a versatile backdoor codenamed…