Author: Admin

June 10, 2025Red LakshmananCryptocurrency / malicious software Actor threats known as Rare werewolf (Previously a rare wolf) was associated with a series of cyberattacks aimed at Russia and the Commonwealth of Independent Countries (CIS). “The distinctive feature of this threat is that attackers prefer legal software – Note. “The malicious functionality of the company described in this article is implemented through command files and PowerShell scripts.” The intention of the attacks is to establish remote access to the compromised hosts and powers of Siphon, as well as the deployment of the Xmrig cryptocurrency miner. Activities have influenced hundreds of Russian…

June 10, 2025Red LakshmananVulnerability / cyberattacks Cybersecurity and US Infrastructure Agency (CISA) added Two critical security deficiencies that affectShip) A catalog based on evidence of active operation. The vulnerabilities in question are below – Cve-2025-32433 (CVSS assessment: 10.0) – lack of authentication for the vulnerability of a critical function on the Erlang/OTP SS server, which can allow the attacker to perform arbitrary commands without valid credentials, which may lead to the false distance code. (Fixed in April 2025 in versions of OTP-27.3.3, OTP-26.5.11 and OTP-25.3.20) Cve-2024-42009 (CVSS assessment: 9.3) – Vulnerability in crossed sites (XSS) in the Webmail RoundCube, which…

09 June 2025Red LakshmananState Security / Cyber ​​-Spy The intelligence activity aimed at the US cybersecurity campaign Sentinelone was part of a wider set of partially related invasion of several purposes between July 2024 and March 2025. “Victinology includes a state organization of South Asia, European media -organization and more than 70 organizations in a wide range of sectors,” – Sentinelone security researchers Alexandar Milekoski and Tom Hegel – Note In a report published today. Some of the target sectors include production, government, finance, telecommunications and research. Also, the victims was attended by IT services and a logistics company that…

Currently, which is covered by a critical security deficiency on the Wazur server World Botnet options and use them to make distributed service attacks (DDOS). Akamai, who first discovered efforts to operate in late March 2025, said Cve-2025-24016 (CVSS assessment: 9.9), an Dangerous vulnerability This allows you to execute the removed code on the Wazuh servers. A Security defectThe affecting all versions of the server software, including and above 4.4.0, was considered in February 2025 with output 4.9.1. Was exploited proof of concept (POC) publicly disclosed At about the same time, the patches were released. The problem is rooted in…

09 June 2025Hacker News You do not need a Rogue employee to suffer a violation. All you need is a free trial that someone has forgotten to cancel. A note that works on AI is quietly synchronized with your Google disk. Personal Gmail account is related to an important business instrument. It’s a shadow. And today it is not only about unauthorized applications, but also at rest, unmanaged identity, excessive SAAS tools and orphaned access. Most of it passes by even the most mature security solutions. Do you think your CASB or IDP covers it? This is not the case.…

Openai is disclosed What he banned the set of chatgpt accounts, which probably acted Russian -speaking threats and two Chinese groups on hacking nation -states to assist in malware, social media automation and satellite communications technology in the US. “The actor (Russian) used our models to assist in the development and clarification of malicious Windows programs, the code debugging in several languages ​​and to establish its infrastructure of teams and control,” Openai said in her report on threats. “The actor demonstrated the knowledge of Windows internal parts and demonstrated some prompt behavior.” The GO malware based SCopecreep artificial intelligence (AI)…

Cybersecurity researchers named Attack of the supply chain aimed at a dozen Gluestack -related packages for malware delivery. The malicious software entered through the shift of “lib/commonjs/index.js” allows the attacker to run Shell commands, take screenshots and upload files to infected machines, said Aikido Security The Hacker News, saying that these packages are almost 1 million booting. Unauthorized access can be used to perform various subsequent actions such as mining cryptocurrency, theft of sensitive information and even shutdown of services. Aikido said the first compromise of the package was discovered on June 6, 2025 at 21:33 GMT. List of affected…

June 8, 2025Red LakshmananSafety for malicious programs / browser Cybersecurity researchers shed light on a new company aimed at Brazilian users since the beginning of 2025 to infect users with malicious web browsers based on chromium and Siphon authentication data. “Some of the phishing emails were sent from the servers compromised companies, increasing the chances of a successful attack,” a positive Klimntiy technology security researcher – Note In the report. “The attackers used malicious expansion for Google Chrome, Microsoft Edge and brave browsers, as well as a network agent and a PDQ Connect Agent.” A Russian cybersecurity company that tracks…

Cybersecurity researchers warn about a new malware company that works Clickfix Social Engineering tactics to cheat users in downloading information theft of malicious software known as Atomic MacOS Steeler (Amos) on Apple MacOS Systems. According to Cloudsek, the company used Typosquat domains that mimic American telecommunications supplier. “MacOS users provide malicious shells designed for stealing systems – Note In a report published this week. “The script uses MacOS’s native teams to collect credentials, security mechanisms and malicious binary files.” It is believed that the activity is the work of Russian cybercriminals because of the Russian language comments in the source…

06 June 2025Hacker NewsCybercrime / Financial fraud The Central Bureau of Investigation of India (CBI) showed that it arrested four people and dismantled two illegal counting centers, which, as it was recognized, participated in the complex multinational technical support aimed at Japanese citizens. Law enforcement agencies said it had conducted coordinated searches in 19 places across Delhi, Harian and Uttar Pradesh on May 28, 2025 as part of the initiative called “Chakra V Operation”, which was aimed at combating financial crimes with cyber support. Cybercrime syndicates, according to CBI, deceived foreign citizens, mostly Japanese citizens, disguising as technical support for…