Open VSX fully contained the GlassWorm attacks and says it was not a self-replicating worm in the traditional sense.
The post Open VSX Downplays Impact From GlassWorm Campaign appeared first on SecurityWeek.
Ukrainian man accused of helping run Conti ransomware extradited from Ireland to the U.S. to face charges over global cyberattacks and $150M in ransom payments.
The Windows shortcut vulnerability has been seen in attacks conducted by Mustang Panda to drop the PlugX malware.
The post Chinese APT Exploits Unpatched Windows Flaw in Recent Attacks appeared first on SecurityWeek.
The Akira ransomware group claims to have stolen 23GB of data from Apache OpenOffice, including employee and financial records, though the breach remains unverified.
Are you using a fake version of a popular app? Appknox warns US users about malicious brand clones hiding on third-party app stores. Protect yourself from hidden spyware and ‘commercial parasites.’
Attackers have been spotted exploiting the recently patched WSUS vulnerability (CVE-2025-59287) to deploy infostealer malware on unpatched Windows servers. An out-of-band update Last week’s release of an emergency fix for CVE-2025-59287, a Window…
Silent Push wars of Russian hackers exploiting Adaptix, a pentesting tool built for Windows, Linux, and macOS, in ransomware campaigns.
The packages deployed malicious code harvesting system information, credentials, tokens, API keys, and other sensitive information.
The post 136 NPM Packages Delivering Infostealers Downloaded 100,000 Times appeared first on SecurityWeek.
A new investigation from mobile security firm Zimperium has revealed a fast-growing cybersecurity threat targeting Android users through…
Hackers exploit critical XWiki flaw CVE-2025-24893 to hijack corporate servers for cryptomining, with active attacks confirmed by VulnCheck researchers.