New Sni5Gect Attack Crashes Phones and Downgrades 5G to 4G without Rogue Base Station
A team of academics has devised a novel attack that can be used to downgrade a 5G connection to a…
MixShell Malware Delivered via Contact Forms Targets U.S. Supply Chain Manufacturers
Cybersecurity researchers are calling attention to a sophisticated social engineering campaign that’s targeting supply chain-critical manufacturing companies with an in-memory…
HOOK Android Trojan Adds Ransomware Overlays, Expands to 107 Remote Commands
Cybersecurity researchers have discovered a new variant of an Android banking trojan called HOOK that features ransomware-style overlay screens to…
Google to Verify All Android Developers in 4 Countries to Block Malicious Apps
Google has announced plans to begin verifying the identity of all developers who distribute apps on Android, even for those…
UNC6384 Deploys PlugX via Captive Portal Hijacks and Valid Certificates Targeting Diplomats
A China-nexus threat actor known as UNC6384 has been attributed to a set of attacks targeting diplomats in Southeast Asia…
Malicious Go Module Poses as SSH Brute-Force Tool, Steals Credentials via Telegram Bot
Cybersecurity researchers have discovered a malicious Go module that presents itself as a brute-force tool for SSH but actually contains…
GeoServer Exploits, PolarEdge, and Gayfemboy Push Cybercrime Beyond Traditional Botnets
Cybersecurity researchers are calling attention to multiple campaigns that leverage known security vulnerabilities and expose Redis servers to various malicious…
Linux Malware Delivered via Malicious RAR Filenames Evades Antivirus Detection
Cybersecurity researchers have shed light on a novel attack chain that employs phishing emails to deliver an open-source backdoor called…
INTERPOL Arrests 1,209 Cybercriminals Across 18 African Nations in Global Crackdown
INTERPOL on Friday announced that authorities from 18 countries across Africa have arrested 1,209 cybercriminals who targeted 88,000 victims. “The…
Automation Is Redefining Pentest Delivery
Pentesting remains one of the most effective ways to identify real-world security weaknesses before adversaries do. But as the threat…