Cyberwarfare / Nation-State Attacks , Fraud Management & Cybercrime Chinese Hackers Exploit Windows Vulnerability Against European Diplomats Akshaya Asokan (asokan_akshaya) , David Perera (@daveperera) • November 5, 2025 Image: AR Pictures/Shutterstock Security researchers have reported that Chinese nation-state hackers are actively using a Windows vulnerability to target European…
Recent investigations by Trend Micro have revealed a targeted attack focusing on Docker remote API servers, where malicious actors are deploying the SRBMiner cryptocurrency miner on compromised instances. These findings underscore an alarming trend in cyberattacks utilizing the burgeoning popularity of containerized services. The analysis indicates that the attackers leveraged…
A sophisticated threat actor has been identified in a recent campaign utilizing Android malware disseminated through the Syrian e-Government Web Portal. This marks a significant evolution in the actor’s toolkit, reflecting an enhanced capability to exploit vulnerabilities for malicious purposes. According to researchers from Trend Micro—Zhengyu Dong, Fyodor Yarochkin, and…
Researchers have identified that two critical vulnerabilities in Windows operating systems are currently being exploited in widespread cyberattacks. One of these vulnerabilities is a zero-day flaw that has remained active since 2017, while the second is a significant bug that Microsoft has struggled to patch effectively. The zero-day vulnerability was…
On November 12, 2024, Microsoft disclosed that two significant security vulnerabilities affecting Windows NT LAN Manager (NTLM) and Task Scheduler have been actively exploited in the wild. These vulnerabilities were part of the November Patch Tuesday update, which addressed a total of 90 security flaws across Microsoft products. Among the…
Recent investigations by Lumen Technologies have unveiled the significant role of the Ngioweb malware in powering the well-known residential proxy service NSOCKS, along with related services such as VN5Socks and Shopsocks5. This revelation highlights the ongoing misuse of this malware in various cybercriminal operations. The telemetry data from Black Lotus…
Cybercrime, Fraud Management & Cybercrime, Identity & Access Management Malware Captures Billions of Credentials Mathew J. Schwartz (euroinfosec) • October 24, 2025 Image: Shutterstock Credential theft via infostealers has escalated to alarming levels, as cybercriminals continuously adapt to enhanced security measures. By infiltrating corporate systems with malware that captures session…
On Monday, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) included a recently patched critical vulnerability affecting Array Networks AG and vxAG secure access gateways in its Known Exploited Vulnerabilities (KEV) catalog. This addition follows credible reports indicating active exploitation of the flaw in real-world scenarios. The vulnerability, designated as…
Recent analysis has revealed that the China-linked hacking group, known as Earth Estries, is employing a previously unidentified backdoor named GHOSTSPIDER in its cyber operations directed at telecommunications firms in Southeast Asia. This development highlights an evolving threat landscape, where traditional boundaries of cybersecurity are increasingly tested. Trend Micro, which…
