cyber security

B1ack’s Stash Marketplace Actors Set to Release 4 Million Stolen Credit Card Records for FreeB1ack’s Stash Marketplace Actors Set to Release 4 Million Stolen Credit Card Records for Free

B1ack’s Stash Marketplace Actors Set to Release 4 Million Stolen Credit Card Records for Free

In a significant escalation of illicit activities, B1ack’s Stash, a notorious dark web carding marketplace, has announced plans to release…

1 week ago
Pakistan APT Hackers Weaponize malicious IndiaPost Site to Target Windows and Android UsersPakistan APT Hackers Weaponize malicious IndiaPost Site to Target Windows and Android Users

Pakistan APT Hackers Weaponize malicious IndiaPost Site to Target Windows and Android Users

A Pakistan-based Advanced Persistent Threat (APT) group, likely APT36, has launched a multi-platform cyberattack campaign targeting Indian users through a…

1 week ago
New IOCONTROL Malware Let Attackers Control Critical Infrastructure & Gain Remote AccessNew IOCONTROL Malware Let Attackers Control Critical Infrastructure & Gain Remote Access

New IOCONTROL Malware Let Attackers Control Critical Infrastructure & Gain Remote Access

A new malware strain called IOCONTROL has emerged, posing a significant threat to Internet of Things (IoT) devices and operational…

1 week ago
Production Line Camera Flaws Allow Hackers to Disable RecordingsProduction Line Camera Flaws Allow Hackers to Disable Recordings

Production Line Camera Flaws Allow Hackers to Disable Recordings

Nozomi Networks Labs has uncovered four severe vulnerabilities in the Inaba Denki Sangyo Co., Ltd. IB-MCT001, a camera widely used…

1 week ago
YouTube Creators Targeted by Weaponized Brand Deals Using ‘Clickflix’ Attack TacticYouTube Creators Targeted by Weaponized Brand Deals Using ‘Clickflix’ Attack Tactic

YouTube Creators Targeted by Weaponized Brand Deals Using ‘Clickflix’ Attack Tactic

A new wave of cyberattacks is targeting YouTube creators, leveraging fake brand collaboration offers to distribute malware. Cybersecurity firm CloudSEK…

1 week ago
Windows MMC Framework Zero-Day Exploited to Execute Malicious CodeWindows MMC Framework Zero-Day Exploited to Execute Malicious Code

Windows MMC Framework Zero-Day Exploited to Execute Malicious Code

Trend Research has uncovered a sophisticated campaign by the Russian threat actor Water Gamayun, exploiting a zero-day vulnerability in the…

1 week ago
APT Hackers Exploit Google Chrome Zero-Day in Operation ForumTroll to Bypass Sandbox ProtectionsAPT Hackers Exploit Google Chrome Zero-Day in Operation ForumTroll to Bypass Sandbox Protections

APT Hackers Exploit Google Chrome Zero-Day in Operation ForumTroll to Bypass Sandbox Protections

In mid-March 2025, Kaspersky researchers uncovered a sophisticated APT attack, dubbed Operation ForumTroll, which leveraged a previously unknown zero-day exploit…

1 week ago
New Sophisticated Linux Backdoor Targets OT Systems via 0-Day RCE ExploitNew Sophisticated Linux Backdoor Targets OT Systems via 0-Day RCE Exploit

New Sophisticated Linux Backdoor Targets OT Systems via 0-Day RCE Exploit

Researchers at QiAnXin XLab have uncovered a sophisticated Linux-based backdoor dubbed OrpaCrab, specifically targeting industrial systems associated with ORPAK, a…

1 week ago
North Korean Kimsuky Hackers Deploy New Tactics and Malicious Scripts in Recent AttacksNorth Korean Kimsuky Hackers Deploy New Tactics and Malicious Scripts in Recent Attacks

North Korean Kimsuky Hackers Deploy New Tactics and Malicious Scripts in Recent Attacks

Security researchers have uncovered a new attack campaign by the North Korean state-sponsored APT group Kimsuky, also known as "Black…

1 week ago
Raspberry Robin Unveils 200 Unique Domains Used by Threat ActorsRaspberry Robin Unveils 200 Unique Domains Used by Threat Actors

Raspberry Robin Unveils 200 Unique Domains Used by Threat Actors

In a significant development, cybersecurity firm Silent Push has identified nearly 200 unique command and control (C2) domains associated with…

1 week ago