Cyber Security Week in Review: November 7, 2025
In brief: Threat actors exploit multiple Cisco flaws, Sandworm launched multiple data-wiping cyberattacks against Ukraine, and more.
Cybersecurity News - Page 43
SonicWall confirms state-sponsored hackers behind September security breach
Еhe malicious activity was limited to unauthorized access of cloud backup files from a specific cloud environment via an API callю
PROMPTFLUX VBS malware uses AI model API to rewrite its own code
PROMPTFLUX is written in VBScript and uses a hard-coded API key to query Google’s Gemini model.
Iran-linked UNK_SmudgedSerpent hackers target academics and policy experts amid regional tensions
The campaign’s TTPs bear strong resemblance to known Iranian cyber espionage groups, including TA455, Charming Kitten, and MuddyWater.
Three former cybersecurity employees indicted in BlackCat ransomware scheme
The trio acted as affiliates of the BlackCat ransomware gang, breaching corporate networks, stealing sensitive data, encrypting systems, and demanding ransom payments.
US sanctions North Korean companies and individuals over cybercrime money laundering
The sanctions are part of a broader effort to curb North Korea’s global financial network that support the regime’s weapons development.
Russian-linked group abuses Hyper-V to hide malware in Linux VM
The attackers deployed two custom tools CurlyShell and CurlCat designed for remote code execution and covert communications.
Balancer suffers $128M DeFi exploit in one of 2025’s largest crypto heists
The company disclosed that the exploit specifically targeted its V2 Composable Stable Pools.
Threat actors use Tor-enabled OpenSSH backdoor in attacks on Russia and Belarus
The malware deploys a complex infrastructure that combines OpenSSH for Windows with a customized Tor hidden service.
New SesameOp backdoor uses OpenAI Assistants API for C&C
The infection chain uses a loader and a .NET-based backdoor component that leverages OpenAI as a C&C channel.
Showing elements 421 - 430