backdoor
WinRAR zero-day was exploited by two threat actors (CVE-2025-8088)
The RomCom attackers aren’t the only ones that have been leveraging the newly unveiled WinRAR vulnerability (CVE-2025-8088) in zero-day attacks: according to Russian …
WinRAR zero-day exploited by RomCom hackers in targeted attacks
ESET researchers have discovered a previously unknown vulnerability in WinRAR, exploited in the wild by Russia-aligned group RomCom. If you use WinRAR or related components …
SonicWall SMA devices persistently infected with stealthy OVERSTEP backdoor and rootkit
Unknown intruders are targeting fully patched end-of-life SonicWall Secure Mobile Access (SMA) 100 series appliances and deploying a novel, persistent backdoor / rootkit, …
Stealthy backdoor found hiding in SOHO devices running Linux
SecurityScorecard’s STRIKE team has uncovered a network of compromised small office and home office (SOHO) devices they’re calling LapDogs. The threat is part of a broader …
Cozy Bear targets EU diplomats with wine-tasting invites (again)
APT29 (aka Cozy Bear, aka Midnight Blizzard) is, once again, targeting European diplomats with fake invitations to wine-tasting events, Check Point researchers have shared. …
Beware fake AutoCAD, SketchUp sites dropping malware
Malware peddlers are saddling users with the TookPS downloader and the Lapmon and TeviRat backdoors via malicious sites that mimic official ones and ostensibly offer …
RansomHub affiliate leverages multi-function Betruger backdoor
A RansomHub affiliate is leveraging a new multi-function backdoor dubbed Betruger to perform various actions during their attacks, Symantec researchers have discovered. The …
China-based Silver Fox spoofs healthcare app to deliver malware
Silver Fox, a China-based threat actor that may or may not be backed by the Chinese government, has been delivering the ValleyRAT backdoor to unsuspecting users by disguising …
The UK’s secret iCloud backdoor request: A dangerous step toward Orwellian mass surveillance
The United Kingdom government has secretly requested that Apple build a backdoor into its iCloud service, granting the government unrestricted access to users’ private data. …
Patient monitors with backdoor are sending info to China, CISA warns
Contec CMS8000, a patient monitor manufactured by a Chinese company, and Epsimed MN-120, which is the same monitor but relabeled, exfiltrate patients’ data to a …
Juniper enterprise routers backdoored via “magic packet” malware
A stealthy attack campaign turned Juniper enterprise-grade routers into entry points to corporate networks via the “J-magic” backdoor, which is loaded into the …
China-aligned PlushDaemon APT compromises supply chain of Korean VPN
ESET researchers have uncovered a supply chain attack targeting a South Korean VPN provider, carried out by PlushDaemon, a newly identified China-aligned APT group. In this …
Featured news
Resources
Don't miss
- Netscaler vulnerability was exploited as zero-day for nearly two months (CVE-2025-6543)
- WinRAR zero-day was exploited by two threat actors (CVE-2025-8088)
- APT groups are getting personal, and CISOs should be concerned
- What makes a security program mature and how to get there faster
- EntraGoat: Vulnerable Microsoft Entra ID infrastructure to simulate identity security misconfigurations