Hackers Use NFC Relay Malware to Clone Tap-to-Pay Android Transactions
A new investigation from mobile security firm Zimperium has revealed a fast-growing cybersecurity threat targeting Android users through…
Hackers Hijack Corporate XWiki Servers for Crypto Mining
Hackers exploit critical XWiki flaw CVE-2025-24893 to hijack corporate servers for cryptomining, with active attacks confirmed by VulnCheck researchers.
Russian hackers, likely linked to Sandworm, exploit legitimate tools against Ukrainian targets
Russian actors, likely linked to Sandworm, targeted Ukrainian firms using LotL tactics and dual-use tools to steal data and stay hidden, says Symantec and Carbon Black. Russian threat actors, likely linked to the APT Sandworm, targeted Ukrainian organizations to steal sensitive data and maintain long-term network access, Symantec Threat Hunter Team and Carbon Black report. […]
Herodotus Android malware mimics human typing to evade detection
Threat Fabric researchers spotted Herodotus Android malware mimicking human typing with random delays to evade detection. Threat Fabric found a new Android malware, named Herodotus, which mimics human typing by adding random delays to evade detection. Herodotus allows operators to takeover devices and bypass behaviour biometrics detection, it is offered as a malware-as-a-service (MaaS). The researchers […]
Aisuru botnet is behind record 20Tb/sec DDoS attacks
A new Mirai-based IoT botnet, dubbed Aisuru, was used to launch multiple high-impact DDoS attacks exceeding 20Tb/sec and/or 4gpps. In October 2025, the Aisuru Mirai-based IoT botnet launched massive DDoS attacks of over 20Tb/sec, mainly targeting online gaming, cybersecurity firm Netscout reports. The botnet uses residential proxies to reflect HTTPS DDoS attacks. Its nodes are […]
Everest group claimed the hack of Sweden’s power grid operator Svenska kraftnät
Hackers hit Sweden’s power grid operator Svenska kraftnät, stealing data via a file transfer tool. The power grid was not affected. Hackers breached Sweden’s state-owned power grid operator Svenska kraftnät, stealing data from an isolated file transfer system. The power grid operations were not impacted by the cyber incident. The Swedish company on Monday disclosed […]
RedTiger Malware Steals Data, Discord Tokens and Even Webcam Images
A new Python-based infostealer called RedTiger is targeting Discord gamers to steal authentication tokens, passwords, and payment information. Learn how the malware works, its evasion tactics, and essential security steps like enabling MFA.
Ransomware payments hit record low: only 23% Pay in Q3 2025
Only 23% of ransomware victims paid in Q3 2025, the lowest ever, continuing a six-year decline in payment rates, Coveware reports. Cybersecurity firm Coveware reports that only 23% of ransomware victims paid attackers in Q3 2025, the lowest rate ever recorded. The researchers note this continues a six-year decline in payment rates. After 28% of […]
Memento Labs, the ghost of Hacking Team, has returned — or maybe it was never gone at all.
Kaspersky links the first Chrome zero-day of 2025 to tools used in attacks attributed to Memento Labs, formerly known as the Hacking Team. The actor behind Operation ForumTroll used the same tools seen in Dante spyware attacks. Kaspersky researchers linked the first Chrome zero-day of 2025 (CVE-2025-2783), a sandbox escape flaw, to the arsenal of […]
New HyperRat Android Malware Sold as Ready-Made Spy Tool
Researchers have uncovered HyperRat, a new Android malware sold as a service, giving attackers remote control, data theft tools, and mass phishing features.