A method to silently exfiltrate Windows secrets and credentials, evading detection from most Endpoint Detection and Response (EDR) solutions. This technique allows attackers who have gained an initial foothold on a Windows machine to harvest credentials for lateral movement across…
Category: Cyber Security News
New HTTP Smuggling Attack Technique Let Hackers Inject Malicious Requests
A sophisticated HTTP request smuggling attack that exploits inconsistent parsing behaviors between front-end proxy servers and back-end application servers. This newly discovered technique leverages malformed chunked transfer encoding extensions to bypass established security controls and inject unauthorized secondary requests into…
Help TDS Weaponize Legitimate Sites’ PHP Code Templates With Fake Microsoft Windows Security Alert Pages
A sophisticated traffic direction system known as Help TDS has been weaponizing compromised websites since 2017, transforming legitimate sites into gateways for elaborate tech support scams. The operation specializes in deploying PHP code templates that redirect unsuspecting visitors to fraudulent…
CISA Warns of Apple iOS, iPadOS, and macOS 0-day Vulnerability Exploited in Attacks
CISA has issued an urgent warning regarding a critical zero-day vulnerability affecting Apple’s iOS, iPadOS, and macOS operating systems that threat actors are actively exploiting. The vulnerability, tracked as CVE-2025-43300, has been added to CISA’s Known Exploited Vulnerabilities (KEV) catalog,…
Hackers Abuse VPS Servers To Compromise Software-as-a-service (SaaS) Accounts
Cybercriminals are increasingly leveraging Virtual Private Server (VPS) infrastructure to orchestrate sophisticated attacks against Software-as-a-Service (SaaS) platforms, exploiting the anonymity and clean reputation of these hosting services to bypass traditional security controls. A coordinated campaign identified in early 2025 demonstrated…
Chinese MURKY PANDA Attacking Government and Professional Services Entities
A sophisticated China-nexus threat actor designated MURKY PANDA has emerged as a significant cybersecurity concern, conducting extensive cyberespionage operations against government, technology, academic, legal, and professional services entities across North America since late 2024. This advanced persistent threat group demonstrates…
Malicious Go Module Package as Fast SSH Brute Forcer Exfiltrates Passwords via Telegram
A sophisticated supply chain attack has emerged targeting developers through a malicious Go module package that masquerades as a legitimate SSH brute forcing tool while covertly stealing credentials for cybercriminal operations. The package, named “golang-random-ip-ssh-bruteforce,” presents itself as a fast…
BQTLOCK Ransomware Operates as RaaS With Advanced Evasion Techniques
A sophisticated new ransomware strain named BQTLOCK has emerged in the cyberthreat landscape since mid-July 2025, operating under a comprehensive Ransomware-as-a-Service (RaaS) model that democratizes access to advanced encryption capabilities for cybercriminals. The malware, associated with ‘ZerodayX’, the alleged leader…
Lumma Affiliates Using Advanced Evasion Tools Designed to Ensure Stealth and Continuity
The Lumma information stealer has evolved from its 2022 origins into one of the most sophisticated malware-as-a-service (MaaS) ecosystems in the cybercriminal landscape. Operating through a vast network of affiliates, Lumma has established itself as the dominant infostealer platform, accounting…
New Cryptojacking Attack Exploits Redis Servers to Install Miners and Disable Defenses
A sophisticated cryptojacking campaign has emerged, exploiting misconfigured Redis servers across multiple continents to deploy cryptocurrency miners while systematically dismantling security defenses. The threat actor behind this operation, designated TA-NATALSTATUS, has been active since 2020 but has significantly escalated their…