Cyber News & Updates
Breaking news, security alerts, and trending stories from across the cybersecurity landscape.

SleepyDuck Malware Redefines C2 Resilience with Ethereum Blockchain
A dangerous new remote access trojan (RAT), dubbed SleepyDuck, is leveraging an Ethereum blockchain contract to maintain an incredibly resilient command and control (C2) infrastructure. This isn’t just another piece of malware; it’s a sophisticated threat that can update its C2 server address on the fly, making it notoriously difficult to shut down. This innovative,…

New Vulnerabilities Found in Windows Graphics Core, Raising Security Concerns
Security researchers have uncovered critical vulnerabilities in Microsoft’s Windows Graphics Device Interface (GDI), potentially allowing remote code execution and information disclosure. Patches have been released, but continuous vigilance is crucial for Windows users.

OpenAI’s Aardvark Aims to Redefine Software Security with Autonomous AI
OpenAI introduces Aardvark, an autonomous AI agent powered by GPT-5, designed to automatically detect, validate, and fix software vulnerabilities, aiming to redefine software security.

New TEE.fail Side-Channel Attack Compromises Intel and AMD Trusted Execution Environments
A new low-cost physical side-channel attack, TEE.fail, bypasses Intel and AMD Trusted Execution Environments, allowing cryptographic key extraction and subversion of secure attestation, according to researchers. This attack highlights critical vulnerabilities in confidential computing architectures.

Swedish Authority Investigates Major Data Leak Impacting 1.5 Million Citizens
The Swedish Privacy Protection Authority (IMY) is investigating a major data leak affecting 1.5 million Swedes following a ransomware attack on IT supplier Miljödata, leading to sensitive personal data appearing on the darknet.

New Android Trojans BankBot-YNRK and DeliveryRAT Target Financial Data
Cybersecurity researchers have identified BankBot-YNRK and DeliveryRAT, two sophisticated Android trojans actively exfiltrating sensitive financial data and cryptocurrency assets. These threats employ advanced evasion techniques and malware-as-a-service models, with a related trend of NFC misuse for payment data theft.

Conti Ransomware Suspect Extradited to US, Faces Charges
Oleksii Oleksiyovych Lytvynenko, a Ukrainian national, has been extradited from Ireland to the United States to face charges of conspiracy related to the deployment of the Conti ransomware. This marks a significant international effort against cybercrime.

Australian Signals Directorate Warns of Ongoing BADCANDY Cyberattacks on Cisco IOS XE Devices
The Australian Signals Directorate (ASD) has issued a bulletin regarding ongoing cyberattacks targeting unpatched Cisco IOS XE devices in Australia, utilizing a previously undocumented implant identified as BADCANDY. These attacks exploit CVE-2023-20198, a critical vulnerability that allows remote, unauthenticated attackers to gain elevated privileges.

Ukrainian Intelligence Reports Systemic Economic Decline in Russia
Ukrainian intelligence reports indicate a systemic economic decline in Russia, marked by significant reductions in corporate profits, increasing financial instability, and widespread inability to generate profit across key sectors like coal, services, metallurgy, and energy.

US Agencies Propose Ban on TP-Link Networking Devices Over Security Concerns
The US government is reportedly considering a ban on TP-Link networking devices due to national security concerns, following an investigation by federal agencies. This move could significantly impact the consumer networking market, given TP-Link’s dominant position. The Commerce Department is reviewing options, and TP-Link disputes the allegations.
