Gootloader inside out
Open-source intelligence reveals the server-side code of this pernicious SEO-driven malware – without needing a lawyer afterward
Similar Posts
Infy Hackers Resume Operations with New C2 Servers After Iran Internet Blackout Ends
Bys sThe elusive Iranian threat group known as Infy (aka Prince of Persia) has evolved its tactics as part of efforts to hide its tracks, even as it readied new command-and-control (C2) infrastructure coinciding with the end of the widespread internet blackout the regime imposed at the start of the month. “The threat actor stopped maintaining…
OpenClaw Integrates VirusTotal Scanning to Detect Malicious ClawHub Skills
Bys sOpenClaw (formerly Moltbot and Clawdbot) has announced that it’s partnering with Google-owned VirusTotal to scan skills that are being uploaded to ClawHub, its skill marketplace, as part of broader efforts to bolster the security of the agentic ecosystem. “All skills published to ClawHub are now scanned using VirusTotal’s threat intelligence, including their new Code Insight…
New fugitive uploaded to EU Most Wanted list for major ransomware attacks
Bys sFrom Europol: A high-value cybercrime suspect has been added to the EU Most Wanted list. The individual, a Ukrainian national, is believed to be a leading figure in an organised crime network responsible for the 2019 ransomware attack against a major Norwegian aluminium company, as well as a series of other global cyber-attacks. The fugitive is……
Intel Websites Compromised, Allowing Hackers Access to Employee and Confidential Data
Bys sDivya reports: A series of critical security flaws in Intel’s internal web infrastructure exposed the personal details of more than 270,000 employees and potentially provided attackers with access to sensitive corporate and supplier information. The discoveries highlight severe weaknesses across multiple Intel-owned websites, raising broader concerns about the company’s handling of web application security. According……
Clop extortion emails claim theft of Oracle E-Business Suite data
Bys sLawrence Abrams reports: Mandiant and Google are tracking a new extortion campaign where executives at multiple companies received emails claiming that sensitive data was stolen from their Oracle E-Business Suite systems. According to Genevieve Stark, Head of Cybercrime and Information Operations Intelligence Analysis at GTIG, the campaign began in late September. “This activity began on……
Hackers Exploit Zero-Day in cnPilot Routers to Deploy AIRASHI DDoS Botnet
Bys sThreat actors are exploiting an unspecified zero-day vulnerability in Cambium Networks cnPilot routers to deploy a variant of the AISURU botnet called AIRASHI to carry out distributed denial-of-service (DDoS) attacks. According to QiAnXin XLab, the attacks have leveraged the security flaw since June 2024. Additional details about the shortcomings have been withheld to prevent further…