Collaborate Disseminate
A ViewState code injection attack spotted by Microsoft threat researchers in December 2024 could be easily replicated by other attackers, the company warned. “In the course of investigating, remediating, and building protections against this acti… Continue reading Attackers compromise IIS servers by leveraging exposed ASP.NET machine keys
Chainalysis’ latest report on how the ransomware landscape changed from 2023 to 2024 shows a promising trend: An increasing number of victims refuses to pay the ransom. The total volume of ransom payments decreased year-over-year by approximately… Continue reading Ransomware payments plummet as more victims refuse to pay
The Spanish National Police has arrested a hacker suspected of having breached national and international agencies (including the United Nation’s International Civil Aviation Organization and NATO), Spanish universities and companies, and released stol… Continue reading Suspected NATO, UN, US Army hacker arrested in Spain
XE Group, a cybercriminal outfit that has been active for over a decade, has been quietly exploiting zero-day vulnerabilities (CVE-2025-25181, CVE-2024-57968) in VeraCore software, a popular solution for warehouse management and order fulfillment. Acco… Continue reading Cybercrime gang exploited VeraCore zero-day vulnerabilities for years (CVE-2025-25181, CVE-2024-57968)
There will be no patches for EOL Zyxel routers under attack via CVE-2024-40891, the company has confirmed. Meanwhile, Netgear has issued patches for critical flaws affecting its routers and wireless access points. Zyxel vulnerability: Exploited, no pat… Continue reading Swap EOL Zyxel routers, upgrade Netgear ones!
A number of iOS and Android apps on Apple’s and Google’s official app stores contain a software development kit (SDK) that allows them to exfiltrate cryptowallets’ seed recovery phrases, Kaspersky researchers have found. “The in… Continue reading Crypto-stealing iOS, Android malware found on App Store, Google Play
CVE-2025-0411, a Mark-of-the-Web bypass vulnerability in the open-source archiver tool 7-Zip that was fixed in November 2024, has been exploited in zero-day attacks to deliver malware to Ukrainian entities, Trend Micro researchers have revealed. The 7-… Continue reading Russian cybercrooks exploiting 7-Zip zero-day vulnerability (CVE-2025-0411)
Japanese electronics maker Casio has had its UK website injected with a web skimmer that collected buyers’ personal and payment card information, Jscrambler has discovered. The company says that the same skimmer has been added to at least sevente… Continue reading Casio UK site compromised, equipped with web skimmer
Two malicious packages leveraging the DeepSeek name have been published to the Python Package Index (PyPI) package repository, and in the 30 minutes or so they were up, they have been downloaded 36 times. The malicious packages The attack started on Ja… Continue reading DeepSeek’s popularity exploited to push malicious packages via PyPI
Contec CMS8000, a patient monitor manufactured by a Chinese company, and Epsimed MN-120, which is the same monitor but relabeled, exfiltrate patients’ data to a hard-coded IP address and have a backdoor that can be used to download and execute un… Continue reading Patient monitors with backdoor are sending info to China, CISA warns