Murdoc Botnet Ensnaring Avtech, Huawei Devices

The North Korea-linked threat actor assessed to be behind the massive Bybit hack in February 2025 has been linked to a malicious campaign that targets developers to deliver new stealer malware under the guise of a coding assignment. The activity has been attributed by Palo Alto Networks Unit 42 to a hacking group it tracks…

Law Enforcement Seizes Servers, Domains, and Approximately $1 Million In Laundered Proceeds Owned By BlackSuit (Royal) Ransomware August 11, 2025 The Justice Department announced today coordinated actions against the BlackSuit (Royal) Ransomware group which included the takedown of four servers and nine domains on July 24, 2025. The takedown was conducted by the Department of……

Two more GitHub Actions workflows have become the latest to be compromised by credential-stealing malware by a threat actor known as TeamPCP, the cloud-native cybercriminal operation also behind the Trivy supply chain attack. The workflows, both maintained by the supply chain security company Checkmarx, are listed below – checkmarx/ast-github-action checkmarx/kics-github-action Cloud security

Sophos X-Ops uncovers a recent campaign from an Android RAT first seen in 2019 – now infecting users in Taiwan

DALL-E for coders? That’s the promise behind vibe coding, a term describing the use of natural language to create software. While this ushers in a new era of AI-generated code, it introduces “silent killer” vulnerabilities: exploitable flaws that evade traditional security tools despite perfect test performance. A detailed analysis of secure vibe coding practices is…

South Korea is taking the Coupang breach extremely seriously, it seems. Claire Lee of AFP reports: South Korean police raided the Seoul headquarters of e-commerce giant Coupang on Tuesday over a recent data leak believed to have affected almost two-thirds of the country’s population. Coupang is South Korea’s most popular online shopping platform, serving millions……