Articles tagged with: #malware

Kimsuky APT Data Leak - GPKI Certificates, Rootkits and Cobalt Strike Personal Uncovered

Cyber Security News cybersecuritynews.com

In late June 2025, a significant operational dump from North Korea's Kimsuky APT group surfaced on a dark-web forum, exposing virtual machine images, VPS infrastructure, customized malware and thousands of stolen credentials. This leak offers an unprecedented window into the group's espionage toolkit, revealing how Kimsuky conducts phishing campaigns, maintains persistence and evades detection within

Beware of Website Mimicking Google Play Store Pages to Deliver Android Malware

Cyber Security News cybersecuritynews.com

A sophisticated Android malware campaign has resurfaced, exploiting deceptive websites that perfectly mimic legitimate Google Play Store application pages to distribute the notorious SpyNote Remote Access Trojan (RAT). This malicious operation targets unsuspecting users by creating static HTML clones of popular Android application install pages, complete with copied CSS styling and JavaScript functionality designed to

Telecom Fiji taps Allot for network-based cybersecurity service

cybersecurity www.reddit.com

Telecom Fiji announced on Saturday it has launched NetSafe, a new network-based cybersecurity service for businesses delivered in partnership with telecoms software firm Allot. The NetSafe service - which was officially launched at the end of the Pacific Fiber Conference 2025 in Fiji on Thursday - leverages the Allot Secure solution to offer protection against online threats including malware attacks, ransomware, phishing attempts and malicious websites that can infect devices or attempt to...

New Stealthy Malware Exploiting Cisco, TP-Link and Other Routers to Gain Remote Control

Cyber Security News cybersecuritynews.com

A newly observed malware campaign has emerged targeting a broad range of network appliances, including routers from DrayTek, TP-Link, Raisecom, and Cisco. Throughout July 2025, threat researchers observed a stealthy loader spread by exploiting unauthenticated command injection flaws in embedded web services. Initial compromise is achieved through straightforward HTTP requests, which silently deliver a downloader

Chinese Hacker Jailed for Deploying Kill Switch on Ohio-based Key Company's Global Network

Cyber Security News cybersecuritynews.com

A Chinese national has been sentenced to four years in federal prison for orchestrating a sophisticated insider cyberattack against his former employer's global network infrastructure. Davis Lu, 55, utilized his privileged access as a software developer to deploy destructive malware that crippled operations across thousands of users worldwide, demonstrating the severe risks posed by malicious

New macOS Installer Promising Lightning-fast Data Exfiltration Advertised on Dark Web

Cyber Security News cybersecuritynews.com

A newly discovered macOS stealer, dubbed Mac.c, has surfaced on darknet forums, offering lightning-fast data exfiltration for just $1,500 per month. Developed by the threat actor "mentalpositive," Mac.c is advertised as a streamlined alternative to the established AMOS stealer, targeting credentials, crypto wallets, and system metadata with minimal footprint. Early samples indicate that the malware

KorPlug Malware Unmasked - TTPs, Control Flow, IOCs Exposed

Cyber Security News cybersecuritynews.com

A sophisticated malware strain known as KorPlug has emerged as a significant threat in the cybersecurity landscape, employing advanced obfuscation techniques to evade detection and complicate analysis efforts. This malware represents a particularly concerning development due to its implementation of O-LLVM obfuscation mechanisms, which transform conventional program structures into highly complex control flow patterns that

Reverse engineering jobs?

cybersecurity www.reddit.com

Just wondering what the job market is looking like for reverse engineering. I've put damn near all my time since I was 14 (now 19) into reversing anticheats, games, OS internals, and a little bit of malware. I have thousands of hours spent coding in C/C++, both drivers and regular usermode shit. I would love to get a job that involves reverse engineering, but every thread I see about the topic either says it's absolutely unemployable or the most employable thing on earth... I was hoping someone...

PickleBall: Secure Deserialization of Pickle-based Machine Learning Models

cs.CR updates on arXiv.org arxiv.org

arXiv:2508.15987v1 Announce Type: new Abstract: Machine learning model repositories such as the Hugging Face Model Hub facilitate model exchanges. However, bad actors can deliver malware through compromised models. Existing defenses such as safer model formats, restrictive (but inflexible) loading policies, and model scanners have shortcomings: 44.9% of popular models on Hugging Face still use the insecure pickle format, 15% of these cannot be loaded by restrictive loading policies, and model...

Can an SSD NVMe drive enclosure be tampered with to inject malware/viruses into SSDs inserted into it?

cybersecurity www.reddit.com

Can an SSD NVMe drive enclosure be tampered with to inject malware/viruses into SSDs inserted into it? I bought a USB SSD enclosure from AliExpress, but the box looked like it was opened and resealed. I am afraid to use the device for work computers as it might infect them. Any help/guidance on this is much appreciated. Thanks. submitted by /u/fullstackx

Advice needed: Ugreen M.2 NVMe enclosure from AliExpress.

cybersecurity www.reddit.com

Can an NVMe SSD enclosure be tampered with to load malware or a virus onto SSD drives that are used with it, thus infecting all the Windows machines those SSDs are used with? I bought a Ugreen M.2 NVMe enclosure from AliExpress, but when the box was delivered it seemed like the packaging seal had already been opened and resealed. I am using this drive enclosure for work and now I am afraid about it being tampered with or injecting some sort of malicious code into all the SSD drives that I test or...

SOC T1 Become T2 DFIR or Malware

cybersecurity www.reddit.com

Hi everyone, I'm currently working as a SOC T1 for the past 2 months. Before that, I worked as a SOC Engineer for about a year, mainly dealing with SIEM, SOAR, and different SOC tools (configurations, deployments, etc.). Right now, I want to move up to SOC T2, but I'm not sure what exact path I should take. I'm currently interested in DFIR and Malware Analysis, but I don't know which one I should focus on (I don't mind choosing only one if needed). My main questions are: What topics and...

How do you handle password leak reports regarding customers/users of your service/product due to customers' poor security hygiene

cybersecurity www.reddit.com

My company runs an online product offering with several customers using our product. We also have a bug bounty program, and every now and then we receive reports of leaked credentials pertaining to our customers. These leaked credentials are due to customers' poor security (malware on their PC, same password everywhere, etc.) and not a breach on our end. I'm trying to understand the right way to handle these. Would contacting customers to inform them of their password leaks be an obligation or...