7 Year Long ShadyPanda Attack Spied on 4.3M Chrome and Edge Users
Koi Security exposes ShadyPanda, a group that used trusted Chrome/Edge extensions to infect 4.3 million users over 7 years for deep surveillance and corporate espionage.
Backdoor
7 Year Long ShadyPanda Attack Spied on 4.3M Chrome and Edge Users
Koi Security exposes ShadyPanda, a group that used trusted Chrome/Edge extensions to infect 4.3 million users over 7 years for deep surveillance and corporate espionage.
Chrome, Edge Extensions Caught Tracking Users, Creating Backdoors
The extensions were seen profiling users, reading cookie data to create unique identifiers, and executing payloads with browser API access.
The post Chrome, Edge Extensions Caught Tracking Users, Creating Backdoors appeared first on SecurityWeek.
Cavalry Werewolf Hit Russian Government with New ShellNET Backdoor
Doctor Web uncovers a targeted cyberattack on a Russian government body by the Cavalry Werewolf group using a new ShellNET backdoor and Telegram-based control.
SesameOp Backdoor Abused OpenAI Assistants API for Remote Access
Microsoft researchers found the SesameOp backdoor using OpenAI’s Assistants API for remote access, data theft, and command communication.
SesameOp: New backdoor exploits OpenAI API for covert C2
Microsoft found a new backdoor, SesameOp, using the OpenAI Assistants API for stealthy command-and-control in hacked systems. Microsoft uncovered a new backdoor, named SesameOp, that abuses the OpenAI Assistants API for command-and-control, allowing covert communication within compromised systems. Microsoft Incident Response – Detection and Response Team (DART) researchers discovered the backdoor in July 2025 while […]
Bitter APT Exploiting Old WinRAR Vulnerability in New Backdoor Attacks
South Asian hacking group Bitter (APT-Q-37) is deploying a C# backdoor using two new methods: a WinRAR flaw and malicious Office XLAM files, targeting government and military sectors.
Chinese APT Phantom Taurus Targeted MS Exchange Servers Over 3 Years
Cybersecurity researchers at Palo Alto Networks’ Unit 42 say Chinese APT Phantom Taurus breached Microsoft Exchange servers for years using a backdoor to spy on diplomats and defense data.
Cisco ASA zero-day vulnerabilities exploited in sophisticated attacks
A widespread campaign aimed at breaching organizations via zero-day vulnerabilities in Cisco Adaptive Security Appliances (ASA) has been revealed by the US, UK, Canadian and Australian cybersecurity agencies. The suspected state-sponsored threat actor …
ChillyHell macOS Malware Resurfaces, Using Google.com as a Decoy
A previously dormant macOS threat, ChillyHell, is reviving. Read how this malware can bypass security checks, remain hidden,…