Researchers reveal attack vectors, tools, and infrastructure used by the Gold Melody group, who are exploiting leaked cryptographic Machine Keys from ASP.NET web applications.

A recent threat intelligence report, TGR-CRI-0045, has shed light on the advanced tactics and infrastructure used by a sophisticated initial access broker (IAB) group. This group, tracked as TGR-CRI-0045 and linked to the threat actor known as Gold Melody (also called UNC961 or Prophet Spider), has been implicated in a series of attacks targeting organizations across Europe and the United States. The main sectors affected include financial services, manufacturing, wholesale and retail, high technology, and transportation and logistics.

Study reveals proliferation of Infostealers-as-a-Service (IaaS) is fueling dramatic increase in credential theft.

The cyber threat landscape is undergoing a seismic shift, with identity-based attacks reaching unprecedented levels, according to a new report from cybersecurity firm eSentire. The study reveals that the proliferation of Infostealers-as-a-Service (IaaS) and Phishing-as-a-Service (PhaaS) platforms is fueling a dramatic increase in credential theft and subsequent cyber incidents across organizations of all sizes.

SAP releases 27 new security updates, including 6 that address critical vulnerabilities.

SAP announced the release of 27 new and four updated security notes as part of its July 2025 Security Patch Day on Tuesday, July 8, 2025. This comprehensive update addresses a range of vulnerabilities across SAP’s product portfolio, including six critical flaws that could have significant security implications for organizations worldwide.

Report finds sophisticated network of 17,000 fake news websites used to promote investment fraud.

A new report from cybersecurity firm CTM360 has uncovered a vast and sophisticated network of more than 17,000 fake news websites fueling investment fraud on a global scale. The findings, detailed in CTM360’s “BaitTrap” report, highlight the growing threat posed by these so-called Baiting News Sites (BNS), which have been identified in over 50 countries.

Italian authorities have apprehended a suspected key member of China’s state-sponsored cyberespionage group, Silk Typhoon.

Italian authorities have detained Xu Zewei, a 33-year-old Chinese national, at Milan Malpensa Airport on July 3, 2025, following an international warrant issued by the United States. Xu, also known by the aliases Zavier Xu and David Xu, is suspected of being a key member of Silk Typhoon—also known as Hafnium—a notorious Chinese state-sponsored cyberespionage group.

Cybersecurity community raises alarms over RondoDox and its sophisticated exploitation of TBK DVRs and Four-Faith routers.

A newly discovered botnet, dubbed RondoDox, is raising alarms across the cybersecurity community due to its sophisticated exploitation of vulnerabilities in TBK digital video recorders (DVRs) and Four-Faith routers. By targeting these often-overlooked devices, RondoDox is able to conscript large numbers of endpoints into its network, using them to launch powerful distributed denial-of-service (DDoS) attacks. Researchers say the botnet’s advanced evasion techniques and destructive persistence mechanisms mark a significant escalation in the threat landscape for IoT and networked device security.

Decade-old critical buffer overflow vulnerability in open-source Multi-Router Looking Glass (MRLG) is being actively exploited in the wild.

A critical buffer overflow vulnerability, identified as CVE-2014-3931, was discovered in Multi-Router Looking Glass (MRLG), a widely used network diagnostic tool, more than a decade ago. This flaw affects MRLG versions prior to 5.5.0 and poses a significant security risk, as it allows remote attackers to execute arbitrary code, potentially compromising the integrity and security of affected systems. CISA today added it to its Known Exploited Vulnerabilities (KEV) Catalog, indicating widespread exploitation is taking place.

The threat landscape for macOS users has shifted dramatically with the latest evolution of the Atomic macOS Stealer (AMOS).

The notorious Atomic macOS Stealer (AMOS) infostealer, previously known for its ability to exfiltrate sensitive data from Apple computers, now features a sophisticated backdoor component. This enhancement allows cybercriminals to maintain persistent, remote access to compromised systems, significantly increasing the potential for long-term exploitation.