North Korea’s TA406 Targets Ukraine for Intel
The threat group’s goal is to help Pyongyang assess risk to its troops deployed in Ukraine and to figure out if Moscow might want more.
Moldovan Police Arrest Suspect in €4.5M Ransomware Attack on Dutch Research Agency
Moldovan law enforcement authorities have arrested a 45-year-old foreign man suspected of involvement in a series of ransomware attacks targeting Dutch companies in 2021. “He is wanted internationally for committing several cybercrimes (ransomware attacks, blackmail, and money laundering) against companies based in the Netherlands,” officials said in a statement Monday. In conjunction with the
Türkiye Hackers Exploited Output Messenger Zero-Day to Drop Golang Backdoors on Kurdish Servers
A Türkiye-affiliated threat actor exploited a zero-day security flaw in an Indian enterprise communication platform called Output Messenger as part of a cyber espionage attack campaign since April 2024. “These exploits have resulted in a collection of related user data from targets in Iraq,” the Microsoft Threat Intelligence team said. “The targets of the attack…
NSO Group’s Legal Loss May Do Little to Curtail Spyware
The $168 million judgment against NSO Group underscores how citizens put little store in the spyware industry’s justifications for circumventing security — but will it matter?
Attackers Lace Fake Generative AI Tools With ‘Noodlophile’ Malware
Threat actors are scamming users by advertising legitimate-looking generative AI websites that, when visited, install credential-stealing malware onto the victim’s computer.
4 Hackers Arrested After Millions Made in Global Botnet Business
The cybercriminals infected older wireless Internet routers with Anyproxy and 5socks malware in order to reconfigure them — all without the users’ knowledge.
Can Cybersecurity Keep Up In the AI Arms Race?
New research shows China is quickly catching up with the US in AI innovation. Experts weigh in on what it means for cyber defenders.
ASUS Patches DriverHub RCE Flaws Exploitable via HTTP and Crafted .ini Files
ASUS has released updates to address two security flaws impacting ASUS DriverHub that, if successfully exploited, could enable an attacker to leverage the software in order to achieve remote code execution. DriverHub is a tool that’s designed to automatically detect the motherboard model of a computer and display necessary driver updates for subsequent installation by…
Vulnerability Detection Tops Agentic AI at RSAC’s Startup Competition
Agentic-native startups threaten to reduce the zero-day problem to just a zero-hour issue. Of course, AI agents will accelerate offensive attacks as well.
⚡ Weekly Recap: Zero-Day Exploits, Developer Malware, IoT Botnets, and AI-Powered Scams
What do a source code editor, a smart billboard, and a web server have in common? They’ve all become launchpads for attacks—because cybercriminals are rethinking what counts as “infrastructure.” Instead of chasing high-value targets directly, threat actors are now quietly taking over the overlooked: outdated software, unpatched IoT devices, and open-source packages. It’s not just…