GOLD BLADE Remote DLL Sideloading Attack Deploys RedLoader
Attacks surged in July 2025 after the threat group updated its process to combine malicious LNK files and a recycled WebDAV technique
Similar Posts
Global hack on Microsoft product hits U.S., state agencies, researchers say
Bys sEllen Nakashima, Yvonne Wingett Sanchez, and Joseph Menn report: Hackers exploited a major security flaw in widely used Microsoft server software to launch a global attack on government agencies and businesses in the past few days, breaching U.S. federal and state agencies, universities, energy companies and an Asian telecommunications company, according to state officials and…
No, the 16 billion credentials leak is not a new data breach — a wake-up call about fake news
Bys sKudos to Lawrence Abrams and Bleeping Computer for calling out Cybernews’ misleading reporting. News broke today of a “mother of all breaches,” sparking wide media coverage filled with warnings and fear-mongering. However, it appears to be a compilation of previously leaked credentials stolen by infostealers, exposed in data breaches, and via credential stuffing attacks. To be…
Phishers Exploit Google Sites and DKIM Replay to Send Signed Emails, Steal Credentials
Bys sIn what has been described as an “extremely sophisticated phishing attack,” threat actors have leveraged an uncommon approach that allowed bogus emails to be sent via Google’s infrastructure and redirect message recipients to fraudulent sites that harvest their credentials. “The first thing to note is that this is a valid, signed email – it really…
Gmail’s protections are strong and effective, and claims of a major Gmail security warning are false.
Bys sFrom Google’s blog, today, to try to counter headlines about any major security concern: We want to reassure our users that Gmail’s protections are strong and effective. Several inaccurate claims surfaced recently that incorrectly stated that we issued a broad warning to all Gmail users about a major Gmail security issue. This is entirely false…….
Cybercrime Groups ShinyHunters, Scattered Spider Join Forces in Extortion Attacks on Businesses
Bys sAn ongoing data extortion campaign targeting Salesforce customers may soon turn its attention to financial services and technology service providers, as ShinyHunters and Scattered Spider appear to be working hand in hand, new findings show. “This latest wave of ShinyHunters-attributed attacks reveals a dramatic shift in tactics, moving beyond the group’s previous credential theft and…
China Amends Cybersecurity Law and Incident Reporting Regime to Address AI and Infrastructure Risks
Bys sYan Luo of Covington and Burling writes: Over the past few months, Chinese regulators have taken steps to update the country’s cybersecurity framework, with a particular focus on artificial intelligence (AI) safety and clarifying incident reporting obligations for onshore infrastructure. These developments reflect a broader trend toward more proactive AI and cyber governance and could……