Daily CyberSecurity •

Cloudflare Mitigates Record 7.3 Tbps DDoS Attack: 37.4 TB in 45 Seconds

Cloudflare DDoS, Record Attack

Cybercriminals

Cloudflare Mitigates Record 7.3 Tbps DDoS Attack: 37.4 TB in 45 Seconds

June 23, 2025

Shadow Vector: Malicious SVGs Deliver AsyncRAT & RemcosRAT in Colombian Phishing Campaign!

Shadow Vector, RAT Malware

Cybercriminals

Shadow Vector: Malicious SVGs Deliver AsyncRAT & RemcosRAT in Colombian Phishing Campaign!

June 23, 2025

Crypto Tax Scam Sweeps Europe: Fake Government Sites Drain Wallets Via Seed Phrase Theft & Malicious Web3

methods

Cybercriminals

Crypto Tax Scam Sweeps Europe: Fake Government Sites Drain Wallets Via Seed Phrase Theft & Malicious Web3

June 21, 2025

Search Hijacking: Cybercriminals Turn Google Ads into Tech Support Scam Portals

phone phishing

Cybercriminals

Search Hijacking: Cybercriminals Turn Google Ads into Tech Support Scam Portals

June 21, 2025

Confucius Group Evolves: Researcher Uncovers New Modular Backdoor “Anondoor” in Latest Espionage Campaign

Confucius APT, Anondoor Backdoor

Malware

Confucius Group Evolves: Researcher Uncovers New Modular Backdoor “Anondoor” in Latest Espionage Campaign

June 23, 2025

Prometei Botnet Evolves: Linux Variant Returns With Stealthier Payloads and Monero Mining Focus

Prometei Botnet, Linux Malware

Malware

Prometei Botnet Evolves: Linux Variant Returns With Stealthier Payloads and Monero Mining Focus

June 23, 2025

Mocha Manakin: New Threat Group Uses “Paste and Run” to Deploy Custom NodeJS RAT!

Mocha Manakin, NodeInitRAT

Malware

Mocha Manakin: New Threat Group Uses “Paste and Run” to Deploy Custom NodeJS RAT!

June 23, 2025

RapperBot Resurfaces: 50,000+ Bots Demand Monero Extortion in New DDoS Campaigns

RapperBot Botnet, DDoS Extortion

Malware

RapperBot Resurfaces: 50,000+ Bots Demand Monero Extortion in New DDoS Campaigns

June 23, 2025

Massive Data Leak: Hacker Allegedly Selling 16 Billion Login Credentials from Major Tech Giants

Login Credentials, Data Leak CVE-2024-47191 - OATH-Toolkit

Data Leak

Massive Data Leak: Hacker Allegedly Selling 16 Billion Login Credentials from Major Tech Giants

June 20, 2025

Hackers Leak 7.4 Million Paraguayan Citizen Records, Demand $1 Per Person Ransom

Paraguay Data Breach, Ransomware

Data Leak

Hackers Leak 7.4 Million Paraguayan Citizen Records, Demand $1 Per Person Ransom

June 17, 2025

SmartAttack: Turning Your Smartwatch into a Spy Tool for Air-Gapped Networks

Smartwatch Hacking, Air-Gapped Data Exfiltration

Data Leak

SmartAttack: Turning Your Smartwatch into a Spy Tool for Air-Gapped Networks

June 16, 2025

Android’s Secret Tracking: Meta & Yandex Abused Localhost for User Data

Android Tracking

Data Leak

Android’s Secret Tracking: Meta & Yandex Abused Localhost for User Data

June 9, 2025

Windows Update’s Driver Purge: Smoother Updates, or Hidden Headaches? Driver Cleanup CVE-2024-49138 - December Patch Tuesday Windows update errors, Windows update troubleshooting

Driver Cleanup CVE-2024-49138 - December Patch Tuesday Windows update errors, Windows update troubleshooting

Windows Update’s Driver Purge: Smoother Updates, or Hidden Headaches?

Ddos June 23, 2025

NCSC Uncovers “UMBRELLA STAND” Malware: Stealthy Backdoor Targets Fortinet FortiGate Firewalls Fortinet Malware, Cyber-Espionage

Fortinet Malware, Cyber-Espionage

NCSC Uncovers “UMBRELLA STAND” Malware: Stealthy Backdoor Targets Fortinet FortiGate Firewalls

Ddos June 23, 2025

North Korean BlueNoroff Uses Deepfakes in Zoom Scams to Install macOS Malware for Crypto Theft Visualization of attack chain

Visualization of attack chain

North Korean BlueNoroff Uses Deepfakes in Zoom Scams to Install macOS Malware for Crypto Theft

Ddos June 23, 2025

EKS Security Alert: Overprivileged Containers Exposing AWS Credentials via Unencrypted API aws

aws

EKS Security Alert: Overprivileged Containers Exposing AWS Credentials via Unencrypted API

Ddos June 23, 2025

Critical ANPR Camera Flaw (CVE-2025-34022, CVSS 9.3) Exposes Selea TARGA Devices, PoC Available, No Vendor Response ANPR Camera, Path Traversal

ANPR Camera, Path Traversal

Critical ANPR Camera Flaw (CVE-2025-34022, CVSS 9.3) Exposes Selea TARGA Devices, PoC Available, No Vendor Response

Ddos June 22, 2025

Critical Mattermost Flaw (CVE-2025-4981, CVSS 9.9) Allows RCE Via Path Traversal Mattermost Vulnerability, Remote Code Execution CVE-2025-20051, CVE-2025-24490, and CVE-2025-25279

Mattermost Vulnerability, Remote Code Execution CVE-2025-20051, CVE-2025-24490, and CVE-2025-25279

Critical Mattermost Flaw (CVE-2025-4981, CVSS 9.9) Allows RCE Via Path Traversal

Ddos June 21, 2025

IBM QRadar SIEM Exposed by Trio of Security Flaws, Including Critical Command Execution Bug IBM QRadar, Critical Vulnerabilities

IBM QRadar, Critical Vulnerabilities

IBM QRadar SIEM Exposed by Trio of Security Flaws, Including Critical Command Execution Bug

Ddos June 21, 2025

Fileless Masslogger Infostealer Spreading via VBScript (.VBE) & Hiding in Your Registry OAST techniques StilachiRAT macOS Malware PasivRobber

OAST techniques StilachiRAT macOS Malware PasivRobber

Fileless Masslogger Infostealer Spreading via VBScript (.VBE) & Hiding in Your Registry

Ddos June 21, 2025

Iran Plunges into Near-Total Internet Blackout Amid Escalating Cyberwar with Israel Iran Internet Shutdown, Cyberwarfare

Iran Internet Shutdown, Cyberwarfare

Iran Plunges into Near-Total Internet Blackout Amid Escalating Cyberwar with Israel

Ddos June 20, 2025

Urgent WordPress Alert: Motors Theme Flaw (CVE-2025-4322) Actively Exploited for Site Takeover WordPress Theme, Account Takeover CVE-2024-50623 - European Space Agency cyberattack

WordPress Theme, Account Takeover CVE-2024-50623 - European Space Agency cyberattack

Urgent WordPress Alert: Motors Theme Flaw (CVE-2025-4322) Actively Exploited for Site Takeover

Ddos June 20, 2025

SERPENTINE#CLOUD: Stealthy Malware Campaign Leverages Cloudflare Tunnels for In-Memory RAT Delivery ConnectWise ScreenConnect hack Nation-state cyberattack FortiGate Leak - zkLend vulnerability - TRIPLESTRENGTH Threat Actor Group Dark Storm

ConnectWise ScreenConnect hack Nation-state cyberattack FortiGate Leak - zkLend vulnerability - TRIPLESTRENGTH Threat Actor Group Dark Storm

SERPENTINE#CLOUD: Stealthy Malware Campaign Leverages Cloudflare Tunnels for In-Memory RAT Delivery

Ddos June 20, 2025

Alert: Hunt.io Uncovers SpyNote Android Spyware Disguised as Popular Apps on Open Servers Android Spyware, SpyNote

Android Spyware, SpyNote

Alert: Hunt.io Uncovers SpyNote Android Spyware Disguised as Popular Apps on Open Servers

Ddos June 20, 2025

AntiDot Android Trojan: New MaaS Malware Records Screens, Intercepts SMS, & Steals Financial Data Android Trojan, AntiDot Android Malware "BadPack"

Android Trojan, AntiDot Android Malware "BadPack"

AntiDot Android Trojan: New MaaS Malware Records Screens, Intercepts SMS, & Steals Financial Data

Ddos June 20, 2025

iOS on Nintendo Switch: Technical Feat Achieved, But Performance is a “Kernel Crash” Nightmare iOS on Switch, QEMU Virtualization

iOS on Switch, QEMU Virtualization

iOS on Nintendo Switch: Technical Feat Achieved, But Performance is a “Kernel Crash” Nightmare

Ddos June 20, 2025

Microsoft 365 Boosts Security: Legacy File Access Protocols RPS & FrontPage RPC Phased Out July 2025 Protocol Deprecation Microsoft 365 Updates, IT Admin Alert Microsoft 365 VPN shut down Microsoft Authenticator, password manager Windows 10 Microsoft 365 Microsoft nonprofit policy, software donations

Protocol Deprecation Microsoft 365 Updates, IT Admin Alert Microsoft 365 VPN shut down Microsoft Authenticator, password manager Windows 10 Microsoft 365 Microsoft nonprofit policy, software donations

Microsoft 365 Boosts Security: Legacy File Access Protocols RPS & FrontPage RPC Phased Out July 2025

Ddos June 20, 2025

Amatera Stealer Unveiled: Rebranded ACR Stealer Now More Evasive, Targeting Your Data CVE-2024-56404 - CVE-2024-39327 CVE-2025-2538

CVE-2024-56404 - CVE-2024-39327 CVE-2025-2538

Amatera Stealer Unveiled: Rebranded ACR Stealer Now More Evasive, Targeting Your Data

Ddos June 20, 2025

Banana Squad Strikes Again: 60+ GitHub Repositories Trojanized in New Software Supply Chain Attack trojan

trojan

Banana Squad Strikes Again: 60+ GitHub Repositories Trojanized in New Software Supply Chain Attack

Ddos June 20, 2025

Russian APT UNC6293 Exploits Google Application-Specific Passwords to Hack Critics russia

russia

Russian APT UNC6293 Exploits Google Application-Specific Passwords to Hack Critics

Ddos June 20, 2025

Stargazers Ghost Network: Minecraft Mods Used to Distribute Multi-Stage Stealers via GitHub mods

mods

Stargazers Ghost Network: Minecraft Mods Used to Distribute Multi-Stage Stealers via GitHub

Ddos June 20, 2025

PylangGhost: North Korean APT Deploys Python-Based RAT to Target Crypto Professionals North Korean APT, PylangGhost

North Korean APT, PylangGhost

PylangGhost: North Korean APT Deploys Python-Based RAT to Target Crypto Professionals

Ddos June 20, 2025