Iran-linked hacking group deploys new Android spyware amid Israel-Iran conflict
Recent DCHSpy samples have been disguised as VPN and banking apps and promoted on Telegram channels in both English and Farsi.
Cybersecurity News - Page 49
Microsoft SharePoint zero-day exploitation linked to Chinese state-backed hackers
The exploit chain, dubbed ‘ToolShell’, has enabled the compromise of dozens of organizations worldwide.
China's Massistant tool collects mobile data via USB or Wi-Fi, targeting Android and iOS users
The tool is designed to gather extensive information, including GPS data, SMS messages, photos, contacts, and audio.
Japanese police release decryptor for Phobos ransomware
The decryptor aims to help victims recover locked files without paying ransom demands.
Critical CrushFTP flaw exploited in the wild
According to Shadowserver, nearly 1,040 CrushFTP servers are still unpatched and exposed online.
UK sanctions Russian hackers for malicious hybrid operations
Additionally, UK’s NCSC has publicly attributed the deployment of a sophisticated new malware dubbed ‘AUTHENTIC ANTICS’ to the APT28 threat actor long thought to be a unit of the GRU (Military Unit 26165).
APT28 targets Ukrainian defense sector using AI-powered Lamehug malware
Lamehug is integrated with Qwen 2.5-Coder-32B-Instruct, a powerful LLM accessed via the HuggingFace API.
Microsoft SharePoint flaw actively exploited in large-scale cyberattacks
The zero-day flaw, tracked as CVE-2025-53770, allows unauthorized attackers to remotely execute code on vulnerable systems.
UNC6148 threat actor actively targets outdated and patched SonicWall devices
The group is using stolen credentials and OTP seeds to regain access to devices even after security updates have been applied.
Google patches Chrome zero-day allowing sandbox escape
The flaw stems from insufficient validation of untrusted input in ANGLE and GPU.
Showing elements 481 - 490