Tag: ESET

Ukraine Uncovers Gamaredon Group: Identifies Russian FSB Officers Behind Hacking Operations

Ukraine’s leading law enforcement and counterintelligence agency has revealed the identities of five individuals allegedly involved in a series of digital intrusions tied to a cyber-espionage group known as Gamaredon, with connections to Russia’s Federal Security Service (FSB). This disclosure highlights the agency’s ongoing efforts to combat cyber threats directed…


RomCom Exploits Zero-Day Vulnerabilities in Firefox and Windows

A sophisticated cyber operation attributed to the Russia-aligned threat actor known as RomCom has been reported, focusing on the exploitation of two zero-day vulnerabilities—one in Mozilla Firefox and another in Microsoft Windows. These attacks have been designed to deploy RomCom’s proprietary backdoor…


Hackers Exploit Malicious IIS Server Module to Steal Microsoft Exchange Credentials

Recent cybersecurity analysis has uncovered the deployment of a newly identified binary called “Owowa,” specifically targeting Microsoft Exchange’s Outlook Web Access servers. This malicious Internet Information Services (IIS) web server module seeks to extract user credentials and facilitate remote command execution on compromised systems. The Owowa module, reportedly written in…


Hacking Team DoNot Targets Government and Military Entities in South Asia

A persistent threat actor, suspected to have ties to an Indian cybersecurity firm, has been actively attacking military organizations in South Asia since at least September 2020. The targeted nations include Bangladesh, Nepal, and Sri Lanka, with various iterations of their specialized malware framework used in each assault. According to…


Russian APT Hackers Exploit COVID-19 Lures to Target European Diplomats

In an alarming series of spear-phishing attacks between October and November 2021, the Russia-linked advanced persistent threat group APT29 targeted European diplomatic missions and Ministries of Foreign Affairs. This activity showcases a troubling trend of cyberespionage aimed at sensitive political partners. ESET’s T3 2021 Threat Report, provided to The Hacker…


Iranian Hackers Deploy New Marlin Backdoor in ‘Out to Sea’ Espionage Operation

A noted advanced persistent threat (APT) group linked to Iran has updated its malware arsenal, introducing a new backdoor known as Marlin. This marks an ongoing espionage campaign that has been active since April 2018. The Slovak cybersecurity firm ESET has attributed these attacks, under the codename “Out to Sea”,…


New Wiper Malware Emerging in Ukraine During Ongoing Russian Military Operations

Recent cybersecurity developments have revealed a significant escalation in cyberattacks aimed at Ukraine, coinciding with the country’s ongoing military conflict. Cybersecurity experts from ESET and Broadcom’s Symantec have reported the emergence of a new wiper malware, identified as HermeticWiper (also known as KillDisk.NCV), which has been actively deployed against numerous…


CaddyWiper: A New Data-Wiping Malware Aiming at Ukrainian Networks

In a troubling escalation of cyber threats, a new strain of destructive malware named CaddyWiper has been identified amidst ongoing military tensions in Ukraine. This recent attack, discovered by Slovak cybersecurity firm ESET, adds to the alarm surrounding persistent cyber assaults as the conflict endures. Diving into the specifics, CaddyWiper…


Android Spyware Aims at UAE Messaging App Users

Endpoint Security: Undocumented Malware Found in Phony Messaging Apps

Prajeet Nair (@prajeetspeaks) • October 3, 2025

Security researchers have uncovered two previously undocumented Android spyware campaigns posing as updates for secure messaging applications Signal and ToTok. These campaigns…
