Author: s s

A simple customer query leads to a rabbit hole of backdoored malware and game cheats

Hewlett Packard Enterprise (HPE) has released security updates to address as many as eight vulnerabilities in its StoreOnce data backup and deduplication solution that could result in an authentication bypass and remote code execution. “These vulnerabilities could be remotely exploited to allow remote code execution, disclosure of information, server-side request forgery, authentication bypass,

Threat hunters are alerting to a new campaign that employs deceptive websites to trick unsuspecting users into executing malicious PowerShell scripts on their machines and infect them with the NetSupport RAT malware. The DomainTools Investigations (DTI) team said it identified “malicious multi-stage downloader Powershell scripts” hosted on lure websites that masquerade as Gitcode and DocuSign….

Cybersecurity researchers have disclosed details of a critical security flaw in the Roundcube webmail software that has gone unnoticed for a decade and could be exploited to take over susceptible systems and execute arbitrary code. The vulnerability, tracked as CVE-2025-49113, carries a CVSS score of 9.9 out of 10.0. It has been described as a…

The InterLock ransomware leak site recently added Texas Digestive Specialists to its listings, claiming to have exfiltrated (and leaked) 263 GB of data consisting of 16,920 folders with 215,245 files. Finding no indication of anything amiss or any breach disclosure on the medical group’s website, DataBreaches sampled selectively from the data tranche. We noticed evidence…

In the wake of high-profile attacks on UK retailers Marks & Spencer and Co-op, Scattered Spider has been all over the media, with coverage spilling over into the mainstream news due to the severity of the disruption caused — currently looking like hundreds of millions in lost profits for M&S alone.  This coverage is extremely…

Leader of Online Swatting Ring Admits to Targeting over 75 Public Officials, Four Religious Institutions, and Multiple Journalists in Nationwide Bomb Threat Spree June 2, 2025. Thomasz Szabo, also known as Plank, Jonah, and Cypher, 26, of Romania, pleaded guilty today to being the leader of a years-long conspiracy that targeted victims across the United…

A growing number of malicious campaigns have leveraged a recently discovered Android banking trojan called Crocodilus to target users in Europe and South America. The malware, according to a new report published by ThreatFabric, has also adopted improved obfuscation techniques to hinder analysis and detection, and includes the ability to create new contacts in the…

Zack Whittaker reports: Compliance company Vanta has confirmed that a bug exposed the private data of some of its customers to other Vanta customers. The company told TechCrunch that the data exposure was a result of a product code change and not caused by an intrusion. Vanta, which helps corporate customers automate their security and…

Aman Mishra reports: A formidable new strain of ransomware, dubbed Lyrix, has recently surfaced, posing a significant threat to Windows users worldwide. […] Lyrix ransomware stands out due to its ability to bypass traditional antivirus solutions by employing polymorphic code, which constantly mutates to avoid signature-based detection. Once infiltrated, the malware stealthily maps the target…