Cybercrime

F5 BIG-IP Source Code Exposed in Breach by Nation-State Hackers

U.S.-based cybersecurity firm F5 disclosed on Wednesday that unauthorized actors infiltrated its systems and obtained files containing portions of the BIG-IP source code, along with information about undisclosed vulnerabilities in the product. The company attributed the attack to a “highly sophisticated nation-state threat actor,” noting that the intruders maintained prolonged access to its network. According […]

Active Exploitation of Windows Remote Access Connection Manager 0-Day Vulnerability

Microsoft has issued a serious warning after confirming that a newly discovered zero-day vulnerability in the Windows Remote Access Connection Manager (RasMan) service is being actively exploited in real-world attacks. The flaw allows threat actors to gain SYSTEM-level privileges, giving them complete control over the targeted machine. This vulnerability, tracked as CVE-2025-59230, is considered a

From HealthKick to GOVERSHELL: Tracking the Evolution of UTA0388 Espionage Malware

A China-aligned threat actor tracked as UTA0388 has run multiple spear-phishing campaigns across North America, Asia, and Europe, with the main aim of delivering a Go-based implant known as GOVERSHELL. Volexity reported these operations on Wednesday, noting that initial messages impersonated senior researchers and analysts from fabricated organizations, to trick recipients into

ThreatsDay Bulletin: MS Teams Breach, MFA Hijacking, $2B Crypto Theft, Apple Siri Investigation & More

Cybersecurity threats are advancing faster than ever, with attackers increasingly combining social engineering, AI-driven manipulation, and cloud exploitation to target systems once deemed secure. From communication platforms to smart devices, every technological convenience simultaneously expands the potential attack surface. This edition of ThreatsDay Bulletin highlights these overlapping risks and the necessary measures to maintain trust in

Hackers Breach SonicWall Cloud Firewall Backups, Prompting Urgent Security Reviews

SonicWall revealed on Wednesday that an unauthorized party gained access to firewall configuration backup files of customers using its cloud backup service. The compromised files contain encrypted credentials and configuration data. While the encryption remains active, possession of these files may increase the risk of targeted attacks. The company is actively notifying all affected partners

Lapsus$ Hunters Launch New Leak Site to Publish Data Stolen from Salesforce

The cybercriminal collective known as Scattered Lapsus$ Hunters has intensified its extortion efforts by launching a dedicated leak portal aimed at publishing stolen Salesforce data. This alliance, which includes prominent threat actors such as ShinyHunters, Scattered Spider, and Lapsus$, represents a new level of sophistication in ransomware-as-a-service operations, specifically targeting one of the most widely

IRGC-Linked APT35’s Structure, Toolset, and Espionage Operations Revealed

Since surfacing in the mid-2010s as a persistent threat actor, the IRGC-linked APT35 collective has continually adapted its methods to target government agencies, energy companies, and diplomatic missions across the Middle East and beyond. What began as credential-harvesting phishing campaigns has matured into a modular, multi-stage toolkit that supports deep network infiltration and prolonged espionage.

AI Emerges as Russia’s Latest Cyber Weapon in Its War on Ukraine

Russian hackers have taken their cyber offensive to a new level by integrating artificial intelligence (AI) into cyber attacks against Ukraine, according to a report published by the State Service for Special Communications and Information Protection of Ukraine (SSSCIP). The report revealed that during the first half of 2025 (H1 2025), hackers began using AI

Hackers Compromise WordPress Sites to Fuel Next-Generation ClickFix Phishing Campaigns

Cybersecurity teams have uncovered a coordinated campaign that compromises WordPress websites to inject malicious JavaScript, with the goal of redirecting visitors to fraudulent, malware-laden pages. These drive-by injections impersonate legitimate checks, tricking users into following steps that ultimately deliver malware or credential theft.

What researchers found, and how the injection works

Researchers at

Chinese Hackers Use Open-Source Nezha Tool in Latest Cyberattack Campaign

Threat actors believed to be linked to China have repurposed a legitimate open-source monitoring framework, Nezha, to conduct a coordinated cyberattack, researchers found. The campaign, observed in August 2025 by Huntress, used a log poisoning technique to plant a PHP web shell on vulnerable web servers, then leveraged that access to deploy Nezha and ultimately
