H2 2025: AI-Malware Emerges as Ransomware Surges

H2 2025: AI-Malware Emerges as Ransomware Surges

December 16, 2025 at 12:00 AM
The second half of 2025 underscored how quickly adversaries adapt, with AI-driven malware moving from concept to reality and ransomware activity breaking records. AI goes operational ESET uncovered …
Read more
Stolen IAM Keys Fuel Massive AWS Cryptomining Operation

Stolen IAM Keys Fuel Massive AWS Cryptomining Operation

December 16, 2025 at 12:00 AM
An ongoing AWS-wide cryptomining campaign is abusing stolen IAM credentials to spin up miners within minutes, Amazon reports. First spotted by GuardDuty and automated monitoring on November 2, 2025, …
Read more
Amazon Reveals GRU Campaign Hitting Energy and Cloud

Amazon Reveals GRU Campaign Hitting Energy and Cloud

December 16, 2025 at 12:00 AM
Amazon’s threat intelligence unit has uncovered a years-long Russian GRU (APT44) campaign targeting Western critical infrastructure, with a sustained focus on energy providers and cloud-hosted …
Read more
Security Weekly: Apple 0-days, WinRAR, .NET RCE, OAuth

Security Weekly: Apple 0-days, WinRAR, .NET RCE, OAuth

December 15, 2025 at 12:00 AM
This week’s security roundup is a patch-now moment. Actively exploited flaws are hitting software most of us use daily—phones, browsers, archives, and popular frameworks. Threat of the week Apple and …
Read more
VolkLocker RaaS Undone by Hard-Coded Master Key

VolkLocker RaaS Undone by Hard-Coded Master Key

December 15, 2025 at 12:00 AM
A new ransomware-as-a-service called VolkLocker, run by the pro-Russian hacktivist group CyberVolk (aka GLORIAMIST), contains a critical design flaw that can allow file recovery without paying. …
Read more
ISO Phishing Drops Phantom Stealer on Russian Finance

ISO Phishing Drops Phantom Stealer on Russian Finance

December 15, 2025 at 12:00 AM
A new phishing wave in Russia is pushing Phantom Stealer via malicious ISO images, with finance and accounting teams most at risk. Seqrite Labs tracks the operation as "Operation MoneyMount-ISO," …
Read more
FreePBX Fixes RCE Chains: SQLi, Upload, AUTHTYPE Bypass

FreePBX Fixes RCE Chains: SQLi, Upload, AUTHTYPE Bypass

December 15, 2025 at 12:00 AM
FreePBX fixed multiple high-severity flaws that can chain into remote code execution (RCE) under certain configurations. Discovered by Horizon3.ai and reported on September 15, 2025, the bugs span …
Read more
Featured VPN Extension Logged Users' AI Conversations

Featured VPN Extension Logged Users' AI Conversations

December 15, 2025 at 12:00 AM
Koi Security reports that Urban VPN Proxy—a Chrome Web Store "Featured" extension with 6 million users (and 1.3 million installs on Microsoft Edge)—silently intercepted and uploaded AI chatbot …
Read more
GitHub OSINT Repos Push PyStoreRAT, a Modular JS RAT

GitHub OSINT Repos Push PyStoreRAT, a Modular JS RAT

December 13, 2025 at 12:00 AM
Threat actors are seeding GitHub with fake OSINT, GPT wrappers, DeFi bots, and security utilities to deliver PyStoreRAT, a previously undocumented modular JavaScript RAT. The loaders are tiny Python …
Read more
CISA Flags Sierra Wireless Router Bug Exploited for RCE

CISA Flags Sierra Wireless Router Bug Exploited for RCE

December 13, 2025 at 12:00 AM
CISA has added CVE-2018-4063 to its Known Exploited Vulnerabilities (KEV) catalog after confirming active exploitation targeting Sierra Wireless AirLink ALEOS routers. The high-severity flaw (CVSS …
Read more

Next page
Privacy Policy

We use cookies!

We use cookies to ensure the proper functioning of our website, to provide you with a convenient browsing experience, and to improve its features, performance, and user experience through analytics.

Privacy Policy
Cookie settings

Use of Cookies

We use cookies to ensure the basic functionality of our website and analytical cookies to collect data for creating statistics aimed at improving the quality of our website. Below, you can customize each group and later change these settings at any time. For more details about cookies, please visit our page Privacy Policy.

Functional and Technical Cookies
These cookies are essential for the proper functioning of the website and cannot be disabled. They allow you to use the basic features of the site during your visit.
Analytical Cookies
These cookies help us understand website traffic so we know which pages are most popular and how visitors navigate our site. Analytical cookies do not collect personal data that would directly identify the user.
Marketing Cookies
These cookies are used to tailor ads and marketing content to your interests. They allow us and our partners to track your behavior on the website and create a profile so we can display relevant content. They are activated only after your consent.
Privacy Policy