New PumaBot Botnet Targets Linux IoT Devices to Steal SSH Credentials and Mine Crypto The Hacker [email protected] (The Hacker News)
May 28, 2025

Embedded Linux-based Internet of Things (IoT) devices have become the target of a new botnet dubbed PumaBot. Written in Go, the botnet is designed to conduct brute-force attacks against SSH instances …


Zscaler Announces Deal to Acquire Red Canary darkreadingDark Reading Staff
May 28, 2025

The August acquisition will bring together Red Canary's extensive integration ecosystem with Zscaler's cloud transaction data to deliver an AI-powered security operations platform. The August acquisition will bring together Red Canary's …


Zscaler Announces Deal to Acquire Red Canary darkreadingDark Reading Staff
May 28, 2025

The August acquisition will bring together Red Canary's extensive integration ecosystem with Zscaler's cloud transaction data to deliver an AI-powered security operations platform. The August acquisition will bring together Red Canary's …


From Infection to Access: A 24-Hour Timeline of a Modern Stealer Campaign The Hacker [email protected] (The Hacker News)
May 28, 2025

Stealer malware no longer just steals passwords. In 2025, it steals live sessions—and attackers are moving faster and more efficiently than ever. While many associate account takeovers with personal services, the …


From Infection to Access: A 24-Hour Timeline of a Modern Stealer Campaign The Hacker [email protected] (The Hacker News)
May 28, 2025

Stealer malware no longer just steals passwords. In 2025, it steals live sessions—and attackers are moving faster and more efficiently than ever. While many associate account takeovers with personal services, the …


Mimo Hackers Exploit CVE-2025-32432 in Craft CMS to Deploy Cryptominer and Proxyware The Hacker [email protected] (The Hacker News)
May 28, 2025

A financially motivated threat actor has been observed exploiting a recently disclosed remote code execution flaw affecting the Craft Content Management System (CMS) to deploy multiple payloads, including a cryptocurrency …


How ‘Browser-in-the-Middle’ Attacks Steal Sessions in Seconds The Hacker [email protected] (The Hacker News)
May 28, 2025

Would you expect an end user to log on to a cybercriminal’s computer, open their browser, and type in their usernames and passwords? Hopefully not! But that’s essentially what happens …


251 Amazon-Hosted IPs Used in Exploit Scan Targeting ColdFusion, Struts, and Elasticsearch The Hacker [email protected] (The Hacker News)
May 28, 2025

Cybersecurity researchers have disclosed details of a coordinated cloud-based scanning activity that targeted 75 distinct "exposure points" earlier this month. The activity, observed by GreyNoise on May 8, 2025, involved as …


Apple Blocks $9 Billion in Fraud Over 5 Years Amid Rising App Store Threats The Hacker [email protected] (The Hacker News)
May 27, 2025

Apple on Tuesday revealed that it prevented over $9 billion in fraudulent transactions in the last five years, including more than $2 billion in 2024 alone. The company said the App …


Indian Police Arrest Cybercrime Gang Copycats of Myanmar Biz Model darkreadingRobert Lemos, Contributing Writer
May 27, 2025

The region offers attractive conditions: a large pool of tech workers, economic disparity, and weak enforcement of cybercrime laws — all of which attract businesses legitimate and shady. The region offers …