Chinese Hackers Exploit ArcGIS Server as Backdoor for Over a Year
Threat actors with ties to China have been attributed to a novel campaign that compromised an ArcGIS system and turned…
October 2025
npm, PyPI, and RubyGems Packages Found Sending Developer Data to Discord Channels
Cybersecurity researchers have identified several malicious packages across npm, Python, and Ruby ecosystems that leverage Discord as a command-and-control (C2)…
⚡ Weekly Recap: WhatsApp Worm, Critical CVEs, Oracle 0-Day, Ransomware Cartel & More
Every week, the cyber world reminds us that silence doesn’t mean safety. Attacks often begin quietly — one unpatched flaw,…
Researchers Warn RondoDox Botnet is Weaponizing Over 50 Flaws Across 30+ Vendors
Malware campaigns distributing the RondoDox botnet have expanded their targeting focus to exploit more than 50 vulnerabilities across over 30…
New Rust-Based Malware “ChaosBot” Uses Discord Channels to Control Victims’ PCs
Cybersecurity researchers have disclosed details of a new Rust-based backdoor called ChaosBot that can allow operators to conduct reconnaissance and…
New Oracle E-Business Suite Bug Could Let Hackers Access Data Without Login
Oracle on Saturday issued a security alert warning of a fresh security flaw impacting its E-Business Suite that it said…
Hackers Turn Velociraptor DFIR Tool Into Weapon in LockBit Ransomware Attacks
Threat actors are abusing Velociraptor, an open-source digital forensics and incident response (DFIR) tool, in connection with ransomware attacks likely…
Stealit Malware Abuses Node.js Single Executable Feature via Game and VPN Installers
Cybersecurity researchers have disclosed details of an active malware campaign called Stealit that has leveraged Node.js’ Single Executable Application (SEA)…
The AI SOC Stack of 2026: What Sets Top-Tier Platforms Apart?
The SOC of 2026 will no longer be a human-only battlefield. As organizations scale and threats evolve in sophistication and…
From LFI to RCE: Active Exploitation Detected in Gladinet and TrioFox Vulnerability
Cybersecurity company Huntress said it has observed active in-the-wild exploitation of an unpatched security flaw impacting Gladinet CentreStack and TrioFox…