Tag: Cobalt Strike

Gootkit Malware Implements New Strategies Targeting Healthcare and Financial Institutions

Recent investigations by Cybereason have revealed that the Gootkit malware, also known as Gootloader, is primarily targeting healthcare and financial entities across the United States, United Kingdom, and Australia. These findings shed light on the evolving threat landscape, emphasizing the need for heightened vigilance in these sectors. In a December…

Hackers Transform Red Team AI Tool into Citrix Exploit Engine

HexStrike-AI Integrates LLMs with Over 150 Security Tools

Rashmi Ramesh (rashmiramesh_) • September 5, 2025

In a troubling development, hackers have swiftly adopted an open-source offensive security framework to exploit vulnerabilities in…

Medusa Ransomware Employs Malicious Driver to Bypass Anti-Malware Using Stolen Certificates

Recent reports indicate that the Medusa ransomware-as-a-service (RaaS) group is employing a malicious driver named ABYSSWORKER in a sophisticated attack utilizing a bring your own vulnerable driver (BYOVD) strategy aimed at sabotaging anti-malware systems. According to Elastic Security Labs, a recent incident involving Medusa ransomware utilized a loader that had…

Chinese Hackers Target South American Diplomats Using ShadowPad

Cyber Espionage Suspected in South American Diplomatic Attacks

On Monday, Microsoft announced it has linked a China-based cyber espionage group to a series of attacks targeting diplomatic organizations in South America. The tech conglomerate’s Security Intelligence team is closely monitoring this group under the identifier DEV-0147. They characterized the recent…

Chinese Hackers Infiltrate Asian Telecom, Undetected for Over Four Years

Telecommunications Giant Targeted by State-Sponsored Hackers

A prominent telecommunications company in Asia was reportedly infiltrated for over four years by Chinese state-sponsored hackers, as revealed in a recent report by cybersecurity firm Sygnia. Although the identity of the affected telecom provider remains undisclosed, the incident highlights the vulnerabilities in critical…

CERT-UA Reports Cyberattacks on Ukrainian State Systems Utilizing WRECKSTEEL Malware

In a concerning revelation, the Computer Emergency Response Team of Ukraine (CERT-UA) has reported three cyberattacks targeting state administration and critical infrastructure. The objective of these attacks appears to be data theft from sensitive governmental entities. According to CERT-UA, the coordinated campaign utilized compromised email accounts to dispatch phishing emails.…

Introducing the EX-22 Tool: Empowering Hackers for Covert Ransomware Attacks on Enterprises

A new and sophisticated post-exploitation framework known as EXFILTRATOR-22, or EX-22, has surfaced, designed to facilitate ransomware deployment within enterprise networks while maintaining stealth. This tool presents a range of features that streamline the post-exploitation process, making it increasingly accessible for cybercriminals, as outlined in a recent report by cybersecurity…

Cybercriminals Attack Law Firms Using GootLoader and FakeUpdates Malware

In recent months, six law firms fell victim to distinct cybersecurity threats targeting them with GootLoader and FakeUpdates (also known as SocGholish) malware during January and February 2023. These campaigns highlight an alarming trend in the increasing sophistication of cyber attacks aimed at the legal sector. GootLoader, a downloader first…

Chinese Hackers Exploit SAP RCE Vulnerability CVE-2025-31324 to Deploy Golang-Based SuperShell

A recent report has identified a China-linked threat actor, referred to as Chaya_004, actively exploiting a critical vulnerability in SAP NetWeaver. This attack leverages the flaw CVE-2025-31324, which has been assigned a maximum CVSS score of 10.0. The malicious activity linked to this actor has been ongoing since April 29,…