MuddyWater Utilizes Game Delay Tactic for Malware Deployment David Perera (@daveperera) • December 2, 2025 Image: Larisa Potekhina/Shutterstock Recent analyses by cybersecurity researchers reveal that Iranian state-sponsored hackers have adopted a unique method to hide malware, drawing parallels with the classic mobile game Snake. These findings indicate that hackers have…
In a recent development, cybersecurity researchers uncovered an ongoing surveillance initiative targeting Colombian government institutions and private enterprises within the energy and metallurgical sectors. This attack campaign, referred to as “Operation Spalax,” was detailed in a report released Tuesday by ESET, a Slovak cybersecurity firm. The operation first began in…
In a recent cybersecurity development, Microsoft addressed critical zero-day vulnerabilities within its on-premises Exchange Server software through a series of out-of-band patches. Following these updates, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) issued an urgent directive alerting organizations to the “active exploitation” of these vulnerabilities. This warning follows Microsoft’s…
A newly identified Linux variant of a multi-platform backdoor known as DinodasRAT has emerged, actively targeting regions including China, Taiwan, Turkey, and Uzbekistan, according to recent findings by Kaspersky. DinodasRAT, also recognized as XDealer, is a C++-based malware specifically designed to extract various sensitive data from compromised systems. This variant…
A hacking group, active in the Middle East since at least 2017, has been detected impersonating popular messaging applications like Telegram and Threema. This tactic is part of their strategy to deploy a new variant of malware targeting Android devices, a threat that had not been previously documented. According to…
A threat actor historically known for its watering hole attacks against governmental organizations has recently been tied to a series of new cyber intrusions affecting various entities across Central Asia and the Middle East. This malicious activity, designated as “EmissarySoldier,” is attributed to the cyber espionage group identified as LuckyMouse…
Emergence of Gelsemium: A New Player in Supply Chain Cyberattacks A formidable new cyber espionage group, known as Gelsemium, has recently come under scrutiny following its association with a supply chain attack targeting the NoxPlayer Android emulator. This malicious campaign was initially revealed earlier this year and has raised significant…
Critical Vulnerability Discovered in Firefox Exposed to Exploitation Mozilla has announced the discovery of a significant security vulnerability affecting both Firefox and the Firefox Extended Support Release (ESR). This flaw, tracked as CVE-2024-9680, has been identified as a use-after-free bug within the Animation timeline component and carries a CVSS score…
One of the most formidable hacking entities globally, the Russian state-backed group known as Sandworm, has executed a series of destructive cyberattacks amid the ongoing conflict with Ukraine, according to recent findings released by cybersecurity researchers. In April, Sandworm specifically targeted a Ukrainian university with dual wipers—malicious software designed to…
