Researchers have identified that two critical vulnerabilities in Windows operating systems are currently being exploited in widespread cyberattacks. One of these vulnerabilities is a zero-day flaw that has remained active since 2017, while the second is a significant bug that Microsoft has struggled to patch effectively. The zero-day vulnerability was…
On November 12, 2024, Microsoft disclosed that two significant security vulnerabilities affecting Windows NT LAN Manager (NTLM) and Task Scheduler have been actively exploited in the wild. These vulnerabilities were part of the November Patch Tuesday update, which addressed a total of 90 security flaws across Microsoft products. Among the…
Recent investigations by Lumen Technologies have unveiled the significant role of the Ngioweb malware in powering the well-known residential proxy service NSOCKS, along with related services such as VN5Socks and Shopsocks5. This revelation highlights the ongoing misuse of this malware in various cybercriminal operations. The telemetry data from Black Lotus…
Cybercrime, Fraud Management & Cybercrime, Identity & Access Management Malware Captures Billions of Credentials Mathew J. Schwartz (euroinfosec) • October 24, 2025 Image: Shutterstock Credential theft via infostealers has escalated to alarming levels, as cybercriminals continuously adapt to enhanced security measures. By infiltrating corporate systems with malware that captures session…
On Monday, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) included a recently patched critical vulnerability affecting Array Networks AG and vxAG secure access gateways in its Known Exploited Vulnerabilities (KEV) catalog. This addition follows credible reports indicating active exploitation of the flaw in real-world scenarios. The vulnerability, designated as…
Recent analysis has revealed that the China-linked hacking group, known as Earth Estries, is employing a previously unidentified backdoor named GHOSTSPIDER in its cyber operations directed at telecommunications firms in Southeast Asia. This development highlights an evolving threat landscape, where traditional boundaries of cybersecurity are increasingly tested. Trend Micro, which…
Recent investigations conducted by Qihoo 360’s Netlab security team have unveiled an emergent botnet named “Abcbot.” This entity demonstrates worm-like propagation methods, targeting Linux systems to execute distributed denial-of-service (DDoS) attacks on various victims. The botnet’s inception can be traced back to July 2021, yet its latest variants, identified as…
Data Breach at D-Link Exposes Legacy Information D-Link, a Taiwanese manufacturer specializing in networking equipment, has acknowledged a data breach that resulted in the exposure of information considered to be “low-sensitivity and semi-public.” The company clarified that the compromised data was not sourced from its cloud systems but rather likely…
A recently identified strain of ransomware, dubbed “White Rabbit,” has emerged, likely linked to the financially motivated threat actor known as FIN8. This malware was reportedly employed in an attack against a U.S.-based local bank in December 2021. According to research by Trend Micro, the technical characteristics of White Rabbit…
