Cybersecurity Experts Uncover New Windows Backdoor Tied to DeathStalker Group Cybersecurity researchers announced on Thursday the discovery of an in-memory Windows backdoor, named “PowerPepper,” linked to a hacker-for-hire collective. This sophisticated malware is capable of executing malicious code remotely and extracting sensitive information from targets across Asia, Europe, and the…
In its February 2024 Patch Tuesday updates, Microsoft has issued fixes for 73 security vulnerabilities across its software ecosystem, including two zero-day flaws currently under active exploitation. Among these vulnerabilities, five have been categorized as Critical and 65 as Important, while three have a Moderate severity rating. This release also…
Cyberwarfare / Nation-State Attacks, Fraud Management & Cybercrime Chinese-Linked Malware Campaign Targets Critical Environments With Weak Monitoring Chris Riotta (@chrisriotta) • December 4, 2025 Image: Shutterstock The U.S. federal government has issued a warning regarding a sophisticated malware campaign linked to Chinese state-sponsored actors, known as Brickstorm. This malicious software…
On Monday, Google revealed a sophisticated cyber campaign orchestrated by a North Korean state-sponsored group aimed at security researchers involved in vulnerability research and development. This latest information highlights the increasing threat posed by adversaries adept at manipulating credible sources in the cybersecurity community. The Threat Analysis Group (TAG) at…
Cisco Addresses Critical Security Flaw in Secure Client Software Cisco has recently issued patches to rectify a significant vulnerability in its Secure Client software, which poses a considerable risk of exploitation by malicious actors. This flaw allows intruders to initiate a VPN session impersonating a targeted user, potentially compromising sensitive…
A significant vulnerability recently disclosed in Kubernetes has raised alarms due to its potential for enabling remote code execution with elevated privileges. This vulnerability, labeled as CVE-2023-5528, affects all kubelet versions from 1.8.0 onwards and has been assigned a CVSS score of 7.2, indicating its severity. According to Akamai security…
A newly identified Linux variant of a multi-platform backdoor known as DinodasRAT has emerged, actively targeting regions including China, Taiwan, Turkey, and Uzbekistan, according to recent findings by Kaspersky. DinodasRAT, also recognized as XDealer, is a C++-based malware specifically designed to extract various sensitive data from compromised systems. This variant…
Mimecast Acknowledges Source Code Breach Linked to SolarWinds Attack In a recent disclosure, email security firm Mimecast announced that it fell victim to the state-sponsored attackers behind the SolarWinds breach, illustrating the ongoing risks associated with sophisticated cyber threats. The incident, detailed in their findings, revealed unauthorized access to some…
Purple Fox, previously known for infecting Windows systems through various exploit kits and phishing campaigns, has evolved to include a new propagation technique that resembles worm-like behavior. Recent findings indicate a substantial uptick in its activity, with Guardicore researchers reporting a 600% increase in incidents since May 2020. This latest…
