Reza Rafati

Mysterious ‘SmudgedSerpent’ Hackers Target U.S. Policy Experts Amid Iran–Israel Tensions
A previously unidentified threat cluster, codenamed UNK_SmudgedSerpent, has been linked to a series of cyberattacks targeting academics and foreign policy experts in the U.S. during June-August 2025.

U.S. Prosecutors Indict Cybersecurity Insiders Accused of BlackCat Ransomware Attacks
Federal prosecutors in the United States have indicted three individuals, including cybersecurity professionals, for allegedly hacking into the networks of five U.S. companies using BlackCat (also known as ALPHV) ransomware between May and November 2023. The group is accused of deploying the ransomware and extorting victims for cryptocurrency payments.

WordPress Sites Targeted by Critical Post SMTP Plugin Vulnerability
A critical vulnerability in the Post SMTP WordPress plugin (CVE-2025-11833) is actively being exploited, risking websites with over 400,000 active installations. Attackers can access email logs to intercept sensitive information, reset administrator passwords, and gain full control of websites. The vulnerability was discovered on October 11, 2025, and a patch (version 3.6.1) was released on…

U.S. Prosecutors Indict Three in BlackCat Ransomware Scheme
Federal prosecutors in the United States have indicted three individuals for allegedly operating as part of a BlackCat (ALPHV) ransomware operation, targeting five U.S. companies and extorting significant sums.

YouTube Ghost Network Leverages Deceptive Tactics for Widespread Malware Distribution
A sophisticated and coordinated malware distribution operation, dubbed the “YouTube Ghost Network” by Check Point Research, has been actively exploiting YouTube’s features to promote malicious content and distribute information-stealing malware.

Aisuru Botnet Shifts to Residential Proxies for AI Data Harvesting
The Aisuru botnet has shifted from DDoS attacks to operating as a residential proxy service, enabling cybercriminals to anonymize traffic for illicit activities, including extensive data harvesting for AI projects, impacting 700,000 compromised IoT devices.

Canada Fines Cryptomus Over $176 Million for AML Violations Tied to Cybercrime
Canadian financial regulators have imposed an administrative monetary penalty of over $176 million on Xeltox Enterprises Ltd., operating as Cryptomus. The penalty from FINTRAC addresses the cryptocurrency payments platform’s significant non-compliance with anti-money laundering and anti-terrorist financing regulations, citing failures to report suspicious transactions linked to child exploitation, fraud, ransomware, and sanctions evasion. Investigations revealed…

Balancer DeFi Protocol Suffers $128 Million Exploit
A recent exploit on the Balancer DeFi protocol’s v2 pools led to a staggering loss of over $128 million, underscoring persistent security challenges in the cryptocurrency landscape.

OpenAI’s Aardvark Aims to Redefine Software Security with Autonomous AI
OpenAI introduces Aardvark, an autonomous AI agent powered by GPT-5, designed to automatically detect, validate, and fix software vulnerabilities, aiming to redefine software security.

Swedish Authority Investigates Major Data Leak Impacting 1.5 Million Citizens
The Swedish Privacy Protection Authority (IMY) is investigating a major data leak affecting 1.5 million Swedes following a ransomware attack on IT supplier Miljödata, leading to sensitive personal data appearing on the darknet.