Scattered Spider Taps CFO Credentials in ‘Scorched Earth’ Attack darkreadingRob Wright
June 27, 2025

In a recent intrusion, the notorious cybercriminal collective accessed CyberArk vaults and obtained more 1,400 secrets, subverted Azure, VMware, and Snowflake environments, and for the first known time, actively fought …


Over 1,000 SOHO Devices Hacked in China-linked LapDogs Cyber Espionage Campaign The Hacker [email protected] (The Hacker News)
June 27, 2025

Threat hunters have discovered a network of more than 1,000 compromised small office and home office (SOHO) devices that have been used to facilitate a prolonged cyber espionage infrastructure campaign …


Hackers Make Hay? Smart Tractors Vulnerable to Full Takeover darkreadingNate Nelson, Contributing Writer
June 27, 2025

Hackers can spy on tens of thousands of connected tractors in the latest IoT threat, and brick them too, thanks to poor security in an aftermarket steering system. Hackers can spy …


Vulnerability Debt: How Do You Put a Price on What to Fix? darkreadingMatt Middleton-Leal
June 27, 2025

Putting a vulnerability debt figure together involves work, but having vulnerability debt figures lets you measure real-world values against your overall security posture. Putting a vulnerability debt figure together involves work, …


PUBLOAD and Pubshell Malware Used in Mustang Panda’s Tibet-Specific Attack The Hacker [email protected] (The Hacker News)
June 27, 2025

A China-linked threat actor known as Mustang Panda has been attributed to a new cyber espionage campaign directed against the Tibetan community. The spear-phishing attacks leveraged topics related to Tibet, such …


US Falling Behind China in Exploit Production darkreadingRobert Lemos, Contributing Writer
June 27, 2025

Cyber operations have become critical to national security, but the United States has fallen behind in one significant area — exploit production — while China has built up a significant lead. Cyber …


Business Case for Agentic AI SOC Analysts The Hacker [email protected] (The Hacker News)
June 27, 2025

Security operations centers (SOCs) are under pressure from both sides: threats are growing more complex and frequent, while security budgets are no longer keeping pace. Today’s security leaders are expected …


Chinese Group Silver Fox Uses Fake Websites to Deliver Sainbox RAT and Hidden Rootkit The Hacker [email protected] (The Hacker News)
June 27, 2025

A new campaign has been observed leveraging fake websites advertising popular software such as WPS Office, Sogou, and DeepSeek to deliver Sainbox RAT and the open-source Hidden rootkit. The activity has …


MOVEit Transfer Faces Increased Threats as Scanning Surges and CVE Flaws Are Targeted The Hacker [email protected] (The Hacker News)
June 27, 2025

Threat intelligence firm GreyNoise is warning of a "notable surge" in scanning activity targeting Progress MOVEit Transfer systems starting May 27, 2025—suggesting that attackers may be preparing for another mass …


OneClik Malware Targets Energy Sector Using Microsoft ClickOnce and Golang Backdoors The Hacker [email protected] (The Hacker News)
June 26, 2025

Cybersecurity researchers have detailed a new campaign dubbed OneClik that leverages Microsoft's ClickOnce software deployment technology and bespoke Golang backdoors to compromise organizations within the energy, oil, and gas sectors. "The …