- GeoServer Exploits, PolarEdge, and Gayfemboy Push Cybercrime Beyond Traditional Botnetsby info@thehackernews.com (The Hacker News) on 23/08/2025 at 07:38
Cybersecurity researchers are calling attention to multiple campaigns that leverage known security vulnerabilities and expose Redis servers to various malicious activities, including leveraging the compromised devices as IoT botnets, residential proxies, or cryptocurrency mining infrastructure. The first set of attacks entails the exploitation of CVE-2024-36401 (CVSS score: 9.8), a critical
- Linux Malware Delivered via Malicious RAR Filenames Evades Antivirus Detectionby info@thehackernews.com (The Hacker News) on 22/08/2025 at 14:31
Cybersecurity researchers have shed light on a novel attack chain that employs phishing emails to deliver an open-source backdoor called VShell. The "Linux-specific malware infection chain that starts with a spam email with a malicious RAR archive file," Trellix researcher Sagar Bade said in a technical write-up. "The payload isn't hidden inside the file content or a macro, it's encoded directly
- Automation Is Redefining Pentest Deliveryby info@thehackernews.com (The Hacker News) on 22/08/2025 at 11:06
Pentesting remains one of the most effective ways to identify real-world security weaknesses before adversaries do. But as the threat landscape has evolved, the way we deliver pentest results hasn't kept pace. Most organizations still rely on traditional reporting methods—static PDFs, emailed documents, and spreadsheet-based tracking. The problem? These outdated workflows introduce delays,
- Chinese Hackers Murky, Genesis, and Glacial Panda Escalate Cloud and Telecom Espionageby info@thehackernews.com (The Hacker News) on 22/08/2025 at 11:06
Cybersecurity researchers are calling attention to malicious activity orchestrated by a China-nexus cyber espionage group known as Murky Panda that involves abusing trusted relationships in the cloud to breach enterprise networks. "The adversary has also shown considerable ability to quickly weaponize N-day and zero-day vulnerabilities and frequently achieves initial access to their targets by
- INTERPOL Arrests 1,209 Cybercriminals Across 18 African Nations in Global Crackdownby info@thehackernews.com (The Hacker News) on 22/08/2025 at 11:05
INTERPOL on Friday announced that authorities from 18 countries across Africa have arrested 1,209 cybercriminals who targeted 88,000 victims. "The crackdown recovered $97.4 million and dismantled 11,432 malicious infrastructures, underscoring the global reach of cybercrime and the urgent need for cross-border cooperation," the agency said. The effort is the second phase of an ongoing law