IT Security Newsletter - 5/13/2025
4 Hackers Arrested After Millions Made in Global Botnet Business
Three Russian nationals as well as a Kazakhstani citizen were arrested and charged with conspiracy and other cybercrimes, according to a recently unsealed domain seizure warrant and indictment. Alexey Viktorovich Chertkov, Kirill Vladimirovich Morozov, Aleksandr Aleksandrovich Shishkin, and Dmitriy Rubtsov were charged with conspiracy and damage to protected computers for their involvement in botnet services known as Anyproxy and 5socks.
North Korea's TA406 Targets Ukraine for Intel
North Korea-backed threat group TA406 is targeting government agencies in Ukraine in an apparent effort to collect intelligence on the country's continued desire and ability to fight back against Russia's invasion. The campaign appears to be aimed at helping Pyongyang assess the risk to North Korean personnel already deployed in Ukraine alongside Russian forces, and to gauge the likelihood of future requests from Moscow for additional military support, according to a new report from Proofpoint.
SAP Patches Another Critical NetWeaver Vulnerability
Enterprise software maker SAP on Tuesday released 16 new and two updated security notes as part of its May 2025 Security Patch Day. Two of the notes address critical vulnerabilities in NetWeaver. The most severe is an update to a note released on April 24 to address CVE-2025-31324 (CVSS score of 10/10), a critical-severity bug in NetWeaver's Visual Composer development server component that has been exploited in the wild since January for remote code execution (RCE).
Suspected DoppelPaymer Ransomware Group Member Arrested
Authorities in Moldova on Monday announced the arrest of an individual suspected of being involved in DoppelPaymer ransomware attacks. The suspect, a 45-year-old foreigner whose identity was not disclosed, was wanted for his alleged involvement in ransomware attacks, extortion, and money laundering against organizations in the Netherlands. According to Moldovan authorities, the suspect was involved in a ransomware attack against the Dutch Research Council (NWO).
Attackers Lace Fake Generative AI Tools With 'Noodlophile' Malware
An attacker is offering supposed generative AI tools to users in Facebook groups, only to give them malware once they upload their media to the fraudulent "tool." Threat actors are advertising "AI-themed platforms" on social media sites like Facebook, offering to generate AI images, videos, websites, logos, and more. However, once the user uploads something like a reference image, the fake website "processes" the material and instructs the user to download a finished product.
As US vuln-tracking falters, EU enters with its own security bug database
The European Vulnerability Database (EUVD) is now fully operational, offering a streamlined platform to monitor critical and actively exploited security flaws amid US struggles with budget cuts, delayed disclosures, and confusion around the future of its own tracking systems. As of Tuesday, the full-fledged version of the website is up and running. The European Union Agency for Cybersecurity (ENISA) first announced the project in June 2024.
CISA mutes own website, shifts routine cyber alerts to Musk's X, RSS, email
The US government's Cybersecurity and Infrastructure Security Agency (CISA) announced Monday that going forward, only urgent alerts tied to emerging threats or major cyber activity will appear on its website. Routine updates, guidance, and other notifications will instead be shared via email, RSS, and X. Up until now, its Cybersecurity Alerts and Advisories website has been posting a variety of bulletins, including known vulnerabilities, flaws, and warnings about specific products.
Hackers now testing ClickFix attacks against Linux targets
A new campaign employing ClickFix attacks has been spotted targeting both Windows and Linux systems using instructions that make infections on either operating system possible. ClickFix is a social engineering tactic where fake verification systems or application errors are used to trick website visitors into running console commands that install malware. These attacks have traditionally targeted Windows systems, prompting targets to execute PowerShell scripts from the Windows Run command.
ASUS DriverHub flaw let malicious sites run commands with admin rights
The ASUS DriverHub driver management utility was vulnerable to a critical remote code execution flaw that allowed malicious sites to execute commands on devices with the software installed. The flaw was discovered by an independent cybersecurity researcher from New Zealand named Paul (aka "MrBruh"), who found that the software had poor validation of commands sent to the DriverHub background service.
- ...in 1880, Thomas Edison performs the first test of his electric railway in Menlo Park, NJ.
- ...in 1939, the first commercial FM radio station is launched in Bloomfield, CT. It would later become WDRC-FM, currently 102.9 The Whale.
- ...in 1950, singer-songwriter Stevland Hardaway Morris, AKA Stevie Wonder, is born in Saginaw, MI.
- ...in 1964, comedian and TV host Stephen Colbert is born in Washington, D.C.