In The News

Silent Lynx Using PowerShell, Golang, and C++ Loaders in Multi-Stage Cyberattacks The Hacker [email protected] (The Hacker News)
February 5, 2025

A previously undocumented threat actor known as Silent Lynx has been linked to cyber attacks targeting various entities in Kyrgyzstan and Turkmenistan. "This threat group has previously targeted entities around Eastern …


New Veeam Flaw Allows Arbitrary Code Execution via Man-in-the-Middle Attack The Hacker [email protected] (The Hacker News)
February 5, 2025

Veeam has released patches to address a critical security flaw impacting its Backup software that could allow an attacker to execute arbitrary code on susceptible systems. The vulnerability, tracked as CVE-2025-23114, …


Navigating the Future: Key IT Vulnerability Management Trends  The Hacker [email protected] (The Hacker News)
February 5, 2025

As the cybersecurity landscape continues to evolve, proactive vulnerability management has become a critical priority for managed service providers (MSPs) and IT teams. Recent trends indicate that organizations increasingly prioritize …


AsyncRAT Campaign Uses Python Payloads and TryCloudflare Tunnels for Stealth Attacks The Hacker [email protected] (The Hacker News)
February 5, 2025

A malware campaign has been observed delivering a remote access trojan (RAT) named AsyncRAT by making use of Python payloads and TryCloudflare tunnels. "AsyncRAT is a remote access trojan (RAT) that …


CISA Adds Four Actively Exploited Vulnerabilities to KEV Catalog, Urges Fixes by Feb 25 The Hacker [email protected] (The Hacker News)
February 4, 2025

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added four security flaws to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation in the wild. The list …


Who’s Behind the Seized Forums ‘Cracked’ & ‘Nulled’? Krebs on SecurityBrianKrebs
February 4, 2025

The FBI joined authorities across Europe last week in seizing domain names for Cracked and Nulled, English-language cybercrime forums with millions of users that trafficked in stolen data, hacking tools …


Malicious Go Package Exploits Module Mirror Caching for Persistent Remote Access The Hacker [email protected] (The Hacker News)
February 4, 2025

Cybersecurity researchers have called attention to a software supply chain attack targeting the Go ecosystem that involves a malicious package capable of granting the adversary remote access to infected systems. The …


Russian Cybercrime Groups Exploiting 7-Zip Flaw to Bypass Windows MotW Protections The Hacker [email protected] (The Hacker News)
February 4, 2025

A recently patched security vulnerability in the 7-Zip archiver tool was exploited in the wild to deliver the SmokeLoader malware. The flaw, CVE-2025-0411 (CVSS score: 7.0), allows remote attackers to circumvent …


North Korean Hackers Deploy FERRET Malware via Fake Job Interviews on macOS The Hacker [email protected] (The Hacker News)
February 4, 2025

The North Korean threat actors behind the Contagious Interview campaign have been observed delivering a collection of Apple macOS malware strains dubbed FERRET as part of a supposed job interview …


Watch Out For These 8 Cloud Security Shifts in 2025 The Hacker [email protected] (The Hacker News)
February 4, 2025

As cloud security evolves in 2025 and beyond, organizations must adapt to both new and evolving realities, including the increasing reliance on cloud infrastructure for AI-driven workflows and the vast …