VanHelsing ransomware: what you need to know
First reported earlier in March 2025, VanHelsing is a new ransomware-as-a-service operation. Read more in my article on the Tripwire State of Security blog.
Cyber News
- March 28, 2025
- March 28, 2025
Researchers Uncover 46 Critical Flaws in Solar Power Systems From Sungrow, Growatt, and SMA
Cybersecurity researchers have disclosed 46 new security flaws in products from three solar power system vendors, Sungrow, Growatt, and SMA, that could be exploited by a bad actor to seize control of devices or execute code remotely, posing severe risks to electrical grids. The vulnerabilities have been collectively codenamed SUN:DOWN by Forescout Vedere Labs. “The […]
Cyber News
- March 28, 2025
CoffeeLoader Uses GPU-Based Armoury Packer to Evade EDR and Antivirus Detection
Cybersecurity researchers are calling attention to a new sophisticated malware called CoffeeLoader that’s designed to download and execute secondary payloads. The malware, according to Zscaler ThreatLabz, shares behavioral similarities with another known malware loader known as SmokeLoader. “The purpose of the malware is to download and execute second-stage payloads while evading
Cyber News
- March 28, 2025
AIs as Trusted Third Parties
This is a truly fascinating paper: “Trusted Machine Learning Models Unlock Private Inference for Problems Currently Infeasible with Cryptography.” The basic idea is that AIs can act as trusted third parties: Abstract: We often interact with untrusted parties. Prioritization of privacy can limit the effectiveness of these interactions, as achieving certain goals necessitates sharing private […]
Cyber News
- March 28, 2025
Product Walkthrough: How Datto BCDR Delivers Unstoppable Business Continuity
Long gone are the days when a simple backup in a data center was enough to keep a business secure. While backups store information, they do not guarantee business continuity during a crisis. With IT disasters far too common and downtime burning through budgets, modern IT environments require solutions that go beyond storage and enable […]
Cyber News
- March 28, 2025
PJobRAT Malware Campaign Targeted Taiwanese Users via Fake Chat Apps
An Android malware family previously observed targeting Indian military personnel has been linked to a new campaign likely aimed at users in Taiwan under the guise of chat apps. “PJobRAT can steal SMS messages, phone contacts, device and app information, documents, and media files from infected Android devices,” Sophos security researcher Pankaj Kohli said in […]
Cyber News
- March 28, 2025
Nine-Year-Old npm Packages Hijacked to Exfiltrate API Keys via Obfuscated Scripts
Cybersecurity researchers have discovered several cryptocurrency packages on the npm registry that have been hijacked to siphon sensitive information such as environment variables from compromised systems. “Some of these packages have lived on npmjs.com for over 9 years, and provide legitimate functionality to blockchain developers,” Sonatype researcher Ax Sharma said. “However, […] the latest
Cyber News
- March 28, 2025
Mozilla Patches Critical Firefox Bug Similar to Chrome’s Recent Zero-Day Vulnerability
Mozilla has released updates to address a critical security flaw impacting its Firefox browser for Windows, merely days after Google patched a similar flaw in Chrome that came under active exploitation as a zero-day. The security vulnerability, CVE-2025-2857, has been described as a case of an incorrect handle that could lead to a sandbox escape. […]
Cyber News
- March 27, 2025
New Morphing Meerkat Phishing Kit Mimics 114 Brands Using Victims’ DNS Email Records
Cybersecurity researchers have shed light on a new phishing-as-a-service (PhaaS) platform that leverages the Domain Name System (DNS) mail exchange (MX) records to serve fake login pages that impersonate about 114 brands. DNS intelligence firm Infoblox is tracking the actor behind the PhaaS, the phishing kit, and the related activity under the moniker Morphing Meerkat. […]
Cyber News