Search results for: “network security”

Chinese State-Backed Hackers Weaponize Old Software Flaws for Global Espionage
Chinese state-backed hackers are exploiting old software vulnerabilities like Log4j and Microsoft IIS for global espionage, bypassing advanced defenses. This highlights the critical need for rigorous patch management against seemingly dated flaws.

Hidden “Logic Bombs” Found in Popular Software Packages, Threatening Future Industrial Sabotage and Data Corruption
Security researchers have uncovered a new wave of ‘logic bombs’ hidden within commonly used software, designed to disrupt critical industrial systems and corrupt databases, posing significant challenges for detection and forensic investigation.

SesameOp Backdoor Leverages OpenAI API for Stealthy Command and Control
Microsoft has identified a novel backdoor, dubbed “SesameOp,” that utilizes OpenAI’s Assistants API as a command-and-control (C2) channel. This sophisticated technique allows threat actors to stealthily orchestrate malicious activities within compromised environments, potentially evading traditional security measures.

U.S. Prosecutors Indict Three in BlackCat Ransomware Scheme
Federal prosecutors in the United States have indicted three individuals for allegedly operating as part of a BlackCat (ALPHV) ransomware operation, targeting five U.S. companies and extorting significant sums.

SleepyDuck Malware Evolves with Ethereum C2 Resilience
A new sophisticated remote access trojan, dubbed “SleepyDuck,” has been discovered in the Open VSX registry, a marketplace for IDE extensions. Initially published as a benign extension on October 31, 2025, it was updated on November 1, 2025, to include malicious capabilities and has since garnered over 14,000 downloads.

Remote Monitoring Tools Weaponized in Escalating Cargo Freight Hijacks
Threat actors are increasingly weaponizing legitimate remote monitoring and management (RMM) tools to hijack cargo freight, leading to significant disruptions in global supply chains. This sophisticated cyber-physical attack strategy involves compromising broker load boards, deploying phishing campaigns, and leveraging RMM tools to orchestrate the physical theft of goods, often in collaboration with organized crime groups.…

Aisuru Botnet Shifts to Residential Proxies for AI Data Harvesting
The Aisuru botnet has shifted from DDoS attacks to operating as a residential proxy service, enabling cybercriminals to anonymize traffic for illicit activities, including extensive data harvesting for AI projects, impacting 700,000 compromised IoT devices.

Canada Fines Cryptomus Over $176 Million for AML Violations Tied to Cybercrime
Canadian financial regulators have imposed an administrative monetary penalty of over $176 million on Xeltox Enterprises Ltd., operating as Cryptomus. The penalty from FINTRAC addresses the cryptocurrency payments platform’s significant non-compliance with anti-money laundering and anti-terrorist financing regulations, citing failures to report suspicious transactions linked to child exploitation, fraud, ransomware, and sanctions evasion. Investigations revealed…

Alleged Jabber Zeus Coder ‘MrICQ’ Extradited to U.S.
Yuriy Igorevich Rybtsov, known online as “MrICQ” and an alleged developer for the Jabber Zeus cybercrime group, has been arrested in Italy and extradited to the United States. He faces charges related to a scheme that allegedly stole tens of millions of dollars from U.S. businesses.

Microsoft Discovers SesameOp: A New Backdoor Using OpenAI’s Assistants API for Covert C2
Microsoft discovered SesameOp, a new backdoor that uses OpenAI’s Assistants API for covert command and control (C2) operations. This technique allows attackers to fetch commands and exfiltrate data through a trusted cloud service, making detection harder. Discovered in July 2025, SesameOp aims for long-term persistence, often a hallmark of espionage campaigns.
