Daily Cyber News

Mirai Variant Nexcorium Exploits CVE-2024-3721 to Take Over TBK DVRs for DDoS Botnet Operations

Cybersecurity researchers have uncovered a new wave of attacks where threat actors are exploiting vulnerabilities in TBK digital video recorders and outdated TP-Link routers to deploy a powerful Mirai-based botnet. The findings were reported by Fortinet FortiGuard Labs and Palo Alto Networks Unit 42. Exploitation of TBK DVR Devices: The attack specifically targets TBK DVR systems by abusing CVE-2024-3721, […]


Obsidian Plugin Exploitation Spreads PHANTOMPULSE RAT in Targeted Finance and Crypto Attacks

A newly identified cyber campaign has revealed how attackers are exploiting trusted software tools to infiltrate high-value targets. Security researchers have uncovered a sophisticated operation that abuses the popular note-taking application Obsidian to distribute a previously unknown remote access trojan called PHANTOMPULSE RAT. The attacks are primarily aimed at individuals working in financial services and cryptocurrency sectors, where


UAC-0247 Launches Data-Theft Malware Campaign Against Ukrainian Clinics and Government Entities

A newly uncovered cyber espionage operation has raised concerns after Ukraine’s national cybersecurity authority, Computer Emergency Response Team of Ukraine, revealed a coordinated malware campaign aimed at government institutions and healthcare facilities. The attacks primarily focus on clinics and emergency hospitals, with the objective of stealing highly sensitive data. Attack Timeline and Threat Actor Profile: Security


Microsoft Releases Security Updates Fixing SharePoint Zero-Day and 168 Additional Vulnerabilities

Microsoft has released its latest Patch Tuesday security updates, addressing a total of 169 vulnerabilities across its software ecosystem. Among these is a zero-day vulnerability in SharePoint Server that is currently being exploited in real-world attacks. Breakdown of Vulnerabilities: Out of the 169 identified flaws: A large portion of these issues, around 93 vulnerabilities, are related to privilege escalation. Other


Backdoored Smart Slider 3 Pro Update Delivered via Compromised Nextend Servers in Supply Chain Attack

A serious software supply chain attack has been uncovered involving the popular WordPress plugin Smart Slider 3, where attackers compromised the update infrastructure to distribute a malicious version containing a hidden backdoor. According to security researchers at Patchstack, the affected release is Smart Slider 3 Pro version 3.5.1.35. The plugin, widely used across more than 800,000 websites,


UAT-10362 Launches Spear-Phishing Campaigns Targeting Taiwanese NGOs with LucidRook Malware

A newly identified cyber threat cluster, UAT-10362, has been linked to targeted spear-phishing attacks aimed at organizations in Taiwan, including non-governmental organizations (NGOs) and academic institutions. The campaign deploys a previously unknown malware framework called LucidRook. Security researchers from Cisco Talos revealed that the operation was first detected in October 2025 and demonstrates a high


APT28 Launches PRISMEX Malware Campaign Targeting Ukraine and NATO Allies with Zero-Day Exploits

A new cyber espionage operation linked to Russia’s state-backed group APT28, also known as Forest Blizzard and Pawn Storm, has been uncovered targeting Ukraine and its allied nations. The campaign delivers a newly identified malware framework called PRISMEX through highly targeted spear-phishing attacks. Security researchers from Trend Micro revealed that the campaign has been active since at least


Anthropic’s Claude Mythos Uncovers Thousands of Zero-Day Vulnerabilities Across Major Systems

Artificial intelligence company Anthropic has introduced a new cybersecurity initiative called Project Glasswing, powered by an advanced preview model known as Claude Mythos. The program aims to strengthen global software security by identifying and fixing critical vulnerabilities before they can be exploited. The initiative will involve collaboration with major technology and security organizations, including Amazon


North Korea-Linked Hackers Distribute Over 1,700 Malicious Packages Across npm, PyPI, Go, and Rust Ecosystems

A large-scale software supply chain attack linked to North Korean threat actors has been uncovered, involving more than 1,700 malicious packages across multiple developer ecosystems, including npm, PyPI, Go, Rust, and Packagist. The campaign, tracked as Contagious Interview, demonstrates a coordinated effort to infiltrate developer environments by disguising malware as legitimate development tools.


Iran-Linked Hackers Target Internet-Exposed PLCs to Disrupt U.S. Critical Infrastructure

Cybersecurity authorities have issued warnings about a surge in attacks by Iran-linked threat actors targeting operational technology systems in the United States. These attacks are focused on internet-accessible industrial devices, particularly programmable logic controllers (PLCs), which are widely used in critical infrastructure environments. According to alerts from the Federal Bureau of Investigation (FBI), these intrusions have
