Cybercrime, Fraud Management & Cybercrime, Identity & Access Management Malware Captures Billions of Credentials Mathew J. Schwartz (euroinfosec) • October 24, 2025 Image: Shutterstock Credential theft via infostealers has escalated to alarming levels, as cybercriminals continuously adapt to enhanced security measures. By infiltrating corporate systems with malware that captures session…
On Monday, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) included a recently patched critical vulnerability affecting Array Networks AG and vxAG secure access gateways in its Known Exploited Vulnerabilities (KEV) catalog. This addition follows credible reports indicating active exploitation of the flaw in real-world scenarios. The vulnerability, designated as…
Recent analysis has revealed that the China-linked hacking group, known as Earth Estries, is employing a previously unidentified backdoor named GHOSTSPIDER in its cyber operations directed at telecommunications firms in Southeast Asia. This development highlights an evolving threat landscape, where traditional boundaries of cybersecurity are increasingly tested. Trend Micro, which…
Recent investigations conducted by Qihoo 360’s Netlab security team have unveiled an emergent botnet named “Abcbot.” This entity demonstrates worm-like propagation methods, targeting Linux systems to execute distributed denial-of-service (DDoS) attacks on various victims. The botnet’s inception can be traced back to July 2021, yet its latest variants, identified as…
Data Breach at D-Link Exposes Legacy Information D-Link, a Taiwanese manufacturer specializing in networking equipment, has acknowledged a data breach that resulted in the exposure of information considered to be “low-sensitivity and semi-public.” The company clarified that the compromised data was not sourced from its cloud systems but rather likely…
A recently identified strain of ransomware, dubbed “White Rabbit,” has emerged, likely linked to the financially motivated threat actor known as FIN8. This malware was reportedly employed in an attack against a U.S.-based local bank in December 2021. According to research by Trend Micro, the technical characteristics of White Rabbit…
Cybersecurity experts have recently identified an extensive campaign designed to exploit vulnerabilities in AVTECH IP cameras and Huawei HG532 routers. This initiative has been largely successful in integrating these devices into a variant of the Mirai botnet known as the Murdoc Botnet. The ongoing operations reflect a significant escalation in…
In a troubling escalation of cyber threats, a new strain of destructive malware named CaddyWiper has been identified amidst ongoing military tensions in Ukraine. This recent attack, discovered by Slovak cybersecurity firm ESET, adds to the alarm surrounding persistent cyber assaults as the conflict endures. Diving into the specifics, CaddyWiper…
A newly addressed security vulnerability in the popular 7-Zip archiving tool has been actively exploited to distribute the SmokeLoader malware, raising significant concerns in the cybersecurity community. This vulnerability, identified as CVE-2025-0411, has a CVSS score of 7.0 and enables remote attackers to bypass mark-of-the-web (MotW) protections and run arbitrary…
