Cybersecurity researchers have uncovered a new campaign in which the threat actors have published more than 67 GitHub repositories that claim to offer Python-based hacking tools, but deliver...

Pentagon modernize defense via AI, Water Curse spreads malware through GitHub repos, and TaxOff uses Chrome zero-day to deploy backdoor.

Insurance industry giant Aflac said it disrupted a cyberattack within hours of discovering it and is now working to determine how much data was potentially breached in the incident.

Oxford City Council revealed that attackers accessed data of individuals who worked on Council-administered elections between 2001 and 2022

Smarter TV operating systems offer added convenience - but they also introduce new privacy risks, particularly around automatic content recognition (ACR).

​Microsoft is investigating a known OneDrive issue that is causing searches to appear blank for some users or return no results even when searching for files they know they've already uploaded. [...]

Red Canary uncovers 'Mocha Manakin,' a new threat using paste and runs to deliver custom NodeInitRAT malware, potentially leading to ransomware. Learn to protect your systems.

TCC Bypass vulnerability has been found in two macOS applications: Phoneix Code (CVE-2025-5255), Postbox (CVE-2025-5963).

Cloudflare says it mitigated a record-breaking distributed denial of service (DDoS) attack in May 2025 that peaked at 7.3 Tbps, targeting a hosting provider. [...]

Around half of the world’s top 100 websites have already integrated passkey support

Google has introduced new enterprise-grade security features for managing Android devices across your organization. Here's how they work.

On Friday, American insurance giant Aflac disclosed that its systems were breached in a broader campaign targeting insurance companies across the United States by attackers who may have stolen...

The file was completely exposed - no encryption, no password protection, no security - just a plain text document containing millions of sensitive data entries.

A security flaw in Apache Traffic Server (ATS) is targeting cloud service providers worldwide. The vulnerability, identified as CVE-2025-49763, exposes affected systems to denial-of-service (DoS)...

Self-service password resets (SSPR) reduce helpdesk strain—but without strong security, they can open the door to attackers. Learn why phishing-resistant MFA, context-aware verification, and...

We identified a resurgence of the Prometei botnet's Linux variant. Our analysis tracks the activity of this cryptominer and its new features. The post Resurgence of the Prometei Botnet appeared...

2025-06-12 • Infoblox • Infoblox Threat Intelligence Group • php.dollyway Open article on Malpedia

2025-06-18 • Check Point Research • Antonis Terefos, Jaromír Hořejší Open article on Malpedia

Microsoft has announced plans to periodically remove legacy drivers from the Windows Update catalog to mitigate security and compatibility risks. [...]

2025-06-17 • Palo Alto Networks Unit 42 • Dominik Reichel • win.kimjongrat Open article on Malpedia

Bridewell’s analysis of advertised UK cybersecurity roles revealed that the public sector offers one the lowest average salaries across all industries

Check out highlights from Tenable’s “2025 Cloud Security Risk Report,” which delves into the critical risk from insecure cloud configurations. Plus, Google reveals a Russia-sponsored social...

2025-06-12 • CitizenLab • Bill Marczak, John Scott-Railton Open article on Malpedia

2025-06-13 • Twitter (@Unit42_Intel) • Unit 42 • elf.hyperssl, win.hyperssl Open article on Malpedia

2025-06-15 • Positive Technologies • Stanislav Pyzhov, Vladislav Lunin • win.cobalt_strike Open article on Malpedia

2025-06-16 • Trend Micro • Aira Marcelo, Gabriel Nicoleta, Jovit Samaniego, Mohamed Fahmy Open article on Malpedia

2025-06-18 • Elastic • Salim Bitam • win.hijackloader, win.lumma, win.sectop_rat Open article on Malpedia

2025-06-11 • Interpol • Interpol Open article on Malpedia

2025-06-12 • Symantec • Carbon Black, Threat Hunter Team • win.fog Open article on Malpedia

2025-06-18 • Huntress Labs • Alden Schmidt, Jonathan Semon, Stuart Ashenbrenner Open article on Malpedia