-
Russian hackers turn Kazuar backdoor into modular P2P botnet
The Russian-linked cyber-espionage group known as Secret Blizzard has significantly upgraded its long-running Kazuar malware framework, transforming it into a highly modular peer-to-peer (P2P) botnet optimized for stealth, persistence, and intelligence collection. The latest Kazuar variant introduces decentralized communications, internal…
-
New Linux ‘Dirty Frag’ zero-day gives root on all major distros
Security researchers have disclosed a new Linux zero-day vulnerability chain dubbed Dirty Frag, a high-severity local privilege escalation exploit that allows attackers to obtain root access on most major Linux distributions using a single command. The exploit affects the Linux…
-
DAEMON Tools trojanized in supply-chain attack to deploy backdoor
A sophisticated software supply-chain attack has compromised multiple versions of DAEMON Tools, resulting in the distribution of trojanized installers that deployed a stealth backdoor to thousands of devices worldwide. The malicious installers were reportedly distributed through the software’s official website…
-
Popular WordPress redirect plugin hid dormant backdoor for years
A widely used WordPress plugin, Quick Page/Post Redirect, has been found to contain a long-standing backdoor capable of enabling arbitrary code execution on affected websites. The plugin, installed on over 70,000 sites, was temporarily removed from the official directory after…
-
PyPI package with 1.1M monthly downloads hacked to push infostealer
A supply-chain attack has impacted the widely used PyPI package elementary-data, after attackers published a malicious release designed to steal developer secrets, cloud credentials, and cryptocurrency wallet data. The compromised version, 0.23.3, was distributed through both PyPI and the project’s…
-
New GoGra malware for Linux uses Microsoft Graph API for comms
Security researchers have identified a new Linux variant of the GoGra backdoor that abuses Microsoft cloud services for covert command-and-control communications. Instead of relying on traditional attacker infrastructure, the malware uses the Microsoft Graph API and an Outlook mailbox to…
-
Critical Marimo pre-auth RCE flaw now under active exploitation
Security researchers have identified active exploitation of a critical vulnerability in Marimo, an open-source reactive Python notebook environment widely used by data scientists, machine learning engineers, and developers building data-driven applications. The vulnerability, tracked as CVE-2026-39987, enables unauthenticated remote code…
-
CERT-EU: European Commission hack exposes data of 30 EU entities
The European Union’s Cybersecurity Service, CERT-EU, has confirmed that a cyberattack against the European Commission compromised cloud infrastructure and exposed data belonging to dozens of EU organizations. According to CERT-EU’s investigation, the intrusion has been attributed to the TeamPCP threat…
-
Inside a Modern Fraud Attack: From Bot Signups to Account Takeovers
Modern fraud operations increasingly resemble a coordinated, multi-stage pipeline rather than a single isolated event. Cybercriminals combine automation, social engineering, malware, and stolen credentials to move victims from initial account creation to financial exploitation. This layered approach allows attackers to…
Must-Read Posts
- ‘PlushDaemon’ hackers hijack software updates in supply-chain attacks
- Adidas warns of data breach after customer service provider hack
- AI Cuts vCISO Workload by 68% as Demand Skyrockets, New Report Finds
- AI in Cybersecurity: Revolutionizing Defense Against Emerging Threats
- Android gets patches for Qualcomm zero-day exploited in attacks
