GitHub Scanner for React2Shell (CVE-2025-55182) Turns Out to Be Malware
A GitHub repository posing as a vulnerability scanner for CVE-2025-55182, also referred to as “React2Shell,” was exposed as…
Google has also mentioned seeing React2Shell attacks conducted by Iranian threat actors.
The post Google Sees 5 Chinese Groups Exploiting React2Shell for Malware Delivery appeared first on SecurityWeek.
New report by Unit 42 reveals the Hamas-linked Ashen Lepus (WIRTE) group is using the AshTag malware suite to target Middle Eastern diplomatic and government entities with advanced, hidden tactics.
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. Malware Newsletter: UDPGangster Campaigns Target Multiple Countries; Ransomware Trends in Bank Secrecy Act Data Between 2022 and 2024; Return of ClayRat: Expanded Features and Techniques; SEEDSNATCHER: Dissecting an Android Malware Targeting Multiple Crypto Wallet Mnemonic […]
A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Experts found an unsecured 16TB database containing 4.3B professional records; Germany calls in Russian Ambassador over […]
Cybercriminals are increasingly abandoning traditional programming languages like C and C++ in favor of modern alternatives such as Rust, Golang, and Nim. This strategic shift enables threat actors to write malicious code once and compile it for both W…
The Oyster backdoor (also known as Broomstick) is targeting the financial world, using malicious search ads for PuTTY, Teams, and Google Meet.
A new malware called PyStoreRAT is being spread through fake OSINT tools on GitHub, targeting IT and OSINT pros. Read Morphisec’s report detailing how it uses AI and evades security.
Elastic found a new Windows backdoor, NANOREMOTE, similar to FINALDRAFT/REF7707, using the Google Drive API for C2. Elastic Security Labs researchers uncovered NANOREMOTE, a new Windows backdoor that uses the Google Drive API for C2. Elastic says it shares code with the FINALDRAFT (Squidoor) implant, which uses Microsoft Graph API and is linked to threat […]
Hackers exploited an unpatched Gogs zero-day, allowing remote code execution and compromising around 700 Internet-facing servers. Gogs is a self-hosted Git service, similar to GitHub, GitLab, or Bitbucket, but designed to be lightweight and easy to deploy. It allows individuals or organizations to host their own Git repositories on their servers, offering features like version […]