Follow on Google News
SloppyLemming targets Pakistan and Bangladesh with BurrowShell and a Rust-based RAT
A cyber-espionage group known as SloppyLemming has been linked to a year-long campaign targeting government and critical infrastructure organizations in Pakistan and Bangladesh. Recent reporting…
D-Shortiez malvertising campaign traps Safari users with back-button hijack tactics
A persistent malvertising operation known as D-Shortiez has been using forced redirects and browser-manipulation tricks to push users into scam pages, with iPhone and Safari…
LexisNexis breach claim raises fresh questions, but key details remain unverified
A threat actor calling itself FulcrumSec has claimed it stole 2.04 GB of data from LexisNexis Legal & Professional, allegedly after exploiting React2Shell, a critical…
Microsoft warns OAuth redirect abuse in Entra ID can power phishing and malware delivery
Microsoft says attackers are abusing a normal OAuth redirect behavior in Microsoft Entra ID to send victims from trusted login pages to attacker-controlled sites. The…
Zerobot now targets Tenda routers and n8n servers to spread Mirai-style malware
Zerobot is back, and this time it is going after both consumer networking gear and business automation servers. Akamai said on February 27 that its…
StegaBin uses malicious npm packages to steal developer credentials through a hidden multi-stage payload
A fresh software supply chain campaign is targeting developers through npm packages that appear harmless at first glance. Security reporting published around March 2 and…
Hackers are using Telegram to sell access to corporate VPN, RDP, and cloud accounts
Telegram has become a serious concern for enterprise defenders. Recent threat research shows that cybercriminals now use Telegram channels and bots to advertise stolen credentials,…
Iran cyber conflict widens after Epic Fury and Roaring Lion, but many attack claims still lack proof
The cyber side of the Iran conflict is clearly growing, but the picture is messy. After the United States and Israel launched their joint campaign…
Malvertising campaign tricks Mac users into installing AMOS infostealer through fake “how-to” pages
Attackers now use Google Search ads to lure macOS users onto fake help pages that tell them to paste a Terminal command. When the victim…
How to cut MTTR by improving threat visibility in your SOC
If you want to cut MTTR in a SOC, start with better threat visibility. Faster response usually does not begin with a new dashboard. It…
November 21, 2025
1 comment 
