Cybersecurity researchers have recently unveiled a new modular backdoor malware named “ModPipe,” targeting Oracle’s point-of-sale (POS) restaurant management software with the intent of stealing sensitive payment information. The discovery highlights a growing trend in cyber threats towards payment processing systems where attackers exploit vulnerabilities to access critical data. ModPipe specifically…
In a significant revelation, cybersecurity researchers have exposed a sophisticated backdoor and document-stealing malware that operated undetected from 2015 to early 2020. Dubbed “Crutch” by ESET, this malware has been linked to the notorious Turla group, a Russia-based advanced persistent threat (APT) known for targeting governments, embassies, and military institutions…
Recent reports reveal a sophisticated supply-chain attack targeting the Vietnam Government Certification Authority (VGCA). This breach involved the manipulation of the agency’s digital signature toolkit, allowing hackers to implant a backdoor into affected systems. The incident was brought to light by Slovak cybersecurity firm ESET, which identified the assault, referred…
In the third quarter of 2025, the Internet experienced a significant spike in cyberattacks, as documented in a thorough DDoS threat report from Cloudflare, a leading web security and infrastructure firm. This surge was notably driven by a prominent IoT botnet known as Aisuru, which executed some of the largest…
A recent report by Recorded Future has revealed a sophisticated cyber espionage campaign attributed to threat actors with ties to Belarus and Russia. This operation has reportedly taken advantage of cross-site scripting (XSS) vulnerabilities in Roundcube webmail servers, targeting over 80 organizations predominantly based in Georgia, Poland, and Ukraine. The…
MuddyWater Utilizes Game Delay Tactic for Malware Deployment David Perera (@daveperera) • December 2, 2025 Image: Larisa Potekhina/Shutterstock Recent analyses by cybersecurity researchers reveal that Iranian state-sponsored hackers have adopted a unique method to hide malware, drawing parallels with the classic mobile game Snake. These findings indicate that hackers have…
In a recent development, cybersecurity researchers uncovered an ongoing surveillance initiative targeting Colombian government institutions and private enterprises within the energy and metallurgical sectors. This attack campaign, referred to as “Operation Spalax,” was detailed in a report released Tuesday by ESET, a Slovak cybersecurity firm. The operation first began in…
In a recent cybersecurity development, Microsoft addressed critical zero-day vulnerabilities within its on-premises Exchange Server software through a series of out-of-band patches. Following these updates, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) issued an urgent directive alerting organizations to the “active exploitation” of these vulnerabilities. This warning follows Microsoft’s…
A newly identified Linux variant of a multi-platform backdoor known as DinodasRAT has emerged, actively targeting regions including China, Taiwan, Turkey, and Uzbekistan, according to recent findings by Kaspersky. DinodasRAT, also recognized as XDealer, is a C++-based malware specifically designed to extract various sensitive data from compromised systems. This variant…
