BadIIS Malware Spreads via SEO Poisoning — Redirects Traffic, Plants Web Shells 说中文的威胁行为者利用BadIIS恶意软件进行SEO中毒攻击，针对东亚和东南亚国家（如越南），通过操控搜索引擎结果将用户引导至恶意网站。... 2025-9-23 08:13:0 | 阅读: 13 | 收藏 | The Hacker News - thehackernews.com badiis poisoning malicious c2 attackers

ComicForm and SectorJ149 Hackers Deploy Formbook Malware in Eurasian Cyberattacks read file error: read notes: is a directory... 2025-9-22 15:40:0 | 阅读: 14 | 收藏 | The Hacker News - thehackernews.com phishing formbook f6 loader sectors

⚡ Weekly Recap: Chrome 0-Day, AI Hacking Tools, DDR5 Bit-Flips, npm Worm & More read file error: read notes: is a directory... 2025-9-22 11:47:0 | 阅读: 52 | 收藏 | The Hacker News - thehackernews.com security phishing network microsoft stealer

How to Gain Control of AI Agents and Non-Human Identities read file error: read notes: is a directory... 2025-9-22 11:0:0 | 阅读: 12 | 收藏 | The Hacker News - thehackernews.com identities security nhis agents nhi

Microsoft Patches Critical Entra ID Flaw Enabling Global Admin Impersonation Across Tenants 微软Entra ID（原Azure Active Directory）存在严重漏洞（CVE-2025-55241），CVSS评分10.0，允许攻击者冒充任何用户甚至全球管理员。该漏洞源于服务到服务令牌与Azure AD Graph API的缺陷组合，已修复。... 2025-9-22 05:47:0 | 阅读: 17 | 收藏 | The Hacker News - thehackernews.com microsoft entra security cloud exploited

DPRK Hackers Use ClickFix to Deliver BeaverTail Malware in Crypto Job Scams read file error: read notes: is a directory... 2025-9-21 10:56:0 | 阅读: 39 | 收藏 | The Hacker News - thehackernews.com beavertail korean clickfix north software

LastPass Warns of Fake Repositories Infecting macOS with Atomic Infostealer read file error: read notes: is a directory... 2025-9-20 07:7:0 | 阅读: 18 | 收藏 | The Hacker News - thehackernews.com github lastpass malicious distribute repository

Researchers Uncover GPT-4-Powered MalTerminal Malware Creating Ransomware, Reverse Shell read file error: read notes: is a directory... 2025-9-20 05:48:0 | 阅读: 26 | 收藏 | The Hacker News - thehackernews.com phishing llm attachment security malicious

ShadowLeak Zero-Click Flaw Leaks Gmail Data via OpenAI ChatGPT Deep Research Agent read file error: read notes: is a directory... 2025-9-20 05:31:0 | 阅读: 28 | 收藏 | The Hacker News - thehackernews.com chatgpt security captchas openai injection

UNC1549 Hacks 34 Devices in 11 Telecom Firms via LinkedIn Job Lures and MINIBIKE Malware 一个与伊朗相关的网络间谍组织 UNC1549 通过 LinkedIn 招聘活动针对欧洲电信公司发起攻击，成功入侵 34 台设备并部署恶意软件 MINIBIKE 窃取敏感数据；该组织伪装成 HR 代表发送钓鱼邮件，并利用 Azure 云服务隐藏其 C2 基础设施。... 2025-9-19 16:6:0 | 阅读: 13 | 收藏 | The Hacker News - thehackernews.com malicious c2 muddywater snail prodaft

SystemBC Powers REM Proxy With 1,500 Daily VPS Victims Across 80 C2 Servers SystemBC恶意软件创建了一个名为REM Proxy的代理网络，利用被感染设备作为SOCKS5代理。该网络拥有80多个C2服务器和每天约1500个受害者，其中80%为被黑VPS系统。SystemBC还用于暴力破解WordPress站点凭证，并在地下论坛出售这些凭证。该恶意软件已活跃多年，在网络安全威胁中持续存在。... 2025-9-19 14:26:0 | 阅读: 13 | 收藏 | The Hacker News - thehackernews.com proxy systembc network proxies lumen

Fortra Releases Critical Patch for CVSS 10.0 GoAnywhere MFT Vulnerability read file error: read notes: is a directory... 2025-9-19 14:12:0 | 阅读: 12 | 收藏 | The Hacker News - thehackernews.com fortra goanywhere mft exploited 0669

17,500 Phishing Domains Target 316 Brands Across 74 Countries in Global PhaaS Surge 文章指出，名为Lighthouse和Lucid的钓鱼即服务（PhaaS）平台已关联到超过17,500个钓鱼域名，针对来自74个国家的316个品牌发起攻击。这些平台提供定制模板和实时监控功能，并通过特定条件限制目标访问。Lucid和Lighthouse分别针对不同行业的品牌发起攻击，并与多个威胁组织相关联。此外，钓鱼攻击正从Telegram转向电子邮件渠道，导致相关活动激增25%。... 2025-9-19 14:2:0 | 阅读: 17 | 收藏 | The Hacker News - thehackernews.com phishing lighthouse lucid phaas netcraft

How To Automate Alert Triage With AI Agents and Confluence SOPs Using Tines Tines 提供一个免费 AI 自动化平台，包含 1,000 多个预建安全工作流。本文介绍的工作流通过 AI 分析安全警报并自动执行 Confluence 中的相关 SOP，减少手动操作和响应时间。该工作流支持与多种工具集成，并通过 Slack 通知团队。... 2025-9-19 11:0:0 | 阅读: 12 | 收藏 | The Hacker News - thehackernews.com security tines sops sop analysis

Russian Hackers Gamaredon and Turla Collaborate to Deploy Kazuar Backdoor in Ukraine 两个俄罗斯黑客组织Gamaredon和Turla合作攻击乌克兰实体，使用各自恶意软件工具部署后门程序Kazuar，目标为乌克兰国防部门。... 2025-9-19 08:24:0 | 阅读: 13 | 收藏 | The Hacker News - thehackernews.com kazuar gamaredon turla eset ukraine

U.K. Arrests Two Teen Scattered Spider Hackers Linked to August 2024 TfL Cyber Attack 两名英国青少年黑客因涉嫌参与2024年8月针对伦敦交通局的网络攻击被捕。其中一人还被指控攻击美国医疗机构及勒索超1.15亿美元。... 2025-9-19 07:5:0 | 阅读: 11 | 收藏 | The Hacker News - thehackernews.com jubair conspiracy nca doj charged

CISA Warns of Two Malware Strains Exploiting Ivanti EPMM CVE-2025-4427 and CVE-2025-4428 CISA披露两组恶意软件通过利用Ivanti Endpoint Manager Mobile的零日漏洞CVE-2025-4427和CVE-2025-4428传播。攻击者借此在服务器上运行任意代码，窃取信息并维持持久性。建议组织更新软件并加强监控以防范此类攻击。... 2025-9-19 04:10:0 | 阅读: 44 | 收藏 | The Hacker News - thehackernews.com malicious attackers loader 4428

SonicWall Urges Password Resets After Cloud Backup Breach Affecting Under 5% of Customers SonicWall遭遇安全漏洞，导致部分客户防火墙配置备份被泄露。公司建议受影响用户重置凭证并采取安全措施。同时提醒Akira勒索软件团伙正利用该漏洞进行攻击。... 2025-9-18 14:12:0 | 阅读: 18 | 收藏 | The Hacker News - thehackernews.com security cloud huntress backup network

CountLoader Broadens Russian Ransomware Operations With Multi-Version Malware Loader read file error: read notes: is a directory... 2025-9-18 12:56:0 | 阅读: 11 | 收藏 | The Hacker News - thehackernews.com powershell countloader purehvnc ransomware

SilentSync RAT Delivered via Two Malicious PyPI Packages Targeting Python Developers 研究人员发现PyPI上的两个恶意软件包 sisaws 和 secmeasure，它们模仿合法软件以传播名为SilentSync的远程木马。该木马可窃取浏览器数据、执行命令并删除痕迹。此事件凸显供应链攻击的风险。... 2025-9-18 11:38:0 | 阅读: 13 | 收藏 | The Hacker News - thehackernews.com python silentsync sisaws zscaler pypi