Google Mandiant Investigates Oracle-Linked Cyber Threat Activity
Google Mandiant has launched an investigation into a new cyberattack campaign targeting Oracle systems, raising alarms over advanced threat activity and enterprise risks.
Tag: security
Read More
Malicious PyPI Package Masquerades as SOCKS5 Proxy Tool
The PyPI “SoopSocks” package claims to be a SOCKS5 proxy solution but conceals backdoor capabilities, enabling attackers to control compromised systems remotely.
Banking Trojan Adds Hidden VNC Full Remote Control for Attackers
A newly discovered Android banking trojan combines overlay attacks with a stealthy hidden VNC server to gain full remote control over compromised devices.
CERT-UA Issues Alert on CabinetRAT Backdoor Cyber Threat
Ukraine’s CERT-UA has warned that CabinetRAT backdoor malware is being actively deployed in cyber espionage campaigns targeting government and critical networks.
Government & Military Systems Under Attack by APT35 Hackers
APT35 hackers, linked to Iran, are conducting cyberattacks against global government and military organizations, using spear-phishing and malware for espionage.
VMware Tools & Aria Zero-Day Exploited for Root Access
Security researchers have identified a critical zero-day flaw (CVE-2025-41244) affecting VMware Tools and VMware Aria. The bug enables local privilege escalation to root, a dangerous step in potential exploitation chains. The issue lies in service discovery mechanisms built into VMware, which allow guest and management systems to interact. Attackers are abusing this trust to escalate…
EvilAI Malware Masquerades as AI Tools to Infiltrate Global Organizations
EvilAI operators are hiding malware in legitimate-looking AI tools that appear functional and signed, enabling reconnaissance, browser data exfiltration, and encrypted C2 communication across global targets.
PlugX and Bookworm Deployed via DLL Side‑Loading in Targeted Cyber Espionage Campaign
A sophisticated cyber campaign used DLL side‑loading to deliver a hybrid PlugX variant and the Bookworm backdoor to telecom and ASEAN networks, revealing renewed tactics by China‑linked threat actors.
Weaponized “Microsoft Teams” Installer Delivers Oyster Backdoor via Poisoned Search Results
A targeted malvertising campaign redirected users from Bing to a fake Teams download site, where a signed MSTeamsSetup.exe installed the Oyster backdoor — blocked just in time by Microsoft Defender ASR.
TikTok Algorithm Faces U.S. Control Data, Politics, and Security Concerns
TikTok’s future in the United States is undergoing a dramatic shift. Under a new deal, the app’s powerful recommendation algorithm will be retrained exclusively on U.S. user data, with a consortium of American investors taking control. While framed as a national security safeguard, experts warn the move could reshape TikTok’s content, amplify political influence, and…