Help Net Security newsletters: Daily and weekly news, cybersecurity jobs, open source projects, breaking news – subscribe here!

Please turn on your JavaScript for this page to function normally.
botnet
New threat group uses custom tools to hijack search results

ESET Research has identified a new threat group called GhostRedirector. In June 2025, this group broke into at least 65 Windows servers, mostly in Brazil, Thailand, Vietnam, …

cloud
China-linked Murky Panda targets and moves laterally through cloud services

In its recently released 2025 Threat Hunting Report, Crowdstrike pointed out an interesting trend: a 136% surge in cloud intrusions. A good chunk of this surge is due to …

maritime
Ports are getting smarter and more hackable

A new policy brief from NATO’s Cooperative Cyber Defence Centre of Excellence (CCDCOE) warns that critical port infrastructure, responsible for 80 percent of global trade, is …

SharePoint
Microsoft pins on-prem SharePoint attacks on Chinese threat actors

This is a developing story, new update here: Storm-2603 spotted deploying ransomware on exploited SharePoint servers As Microsoft continues to update its customer guidance for …

Shortleash Backdoor
Stealthy backdoor found hiding in SOHO devices running Linux

SecurityScorecard’s STRIKE team has uncovered a network of compromised small office and home office (SOHO) devices they’re calling LapDogs. The threat is part of a broader …

LockBit
LockBit panel data leak shows Chinese orgs among the most targeted

The LockBit ransomware-as-a-service (RaaS) operation has netted around $2.3 million USD within 5 months, the data leak stemming from the May 2025 hack of a LockBit affiliate …

botnet
Nation-state APTs ramp up attacks on Ukraine and the EU

Russian APT groups intensified attacks against Ukraine and the EU, exploiting zero-day vulnerabilities and deploying wipers, according to ESET. Ukraine faces rising cyber …

Ivanti
CISA reveals new malware variant used on compromised Ivanti Connect Secure devices

CISA has released indicators of compromise, detection signatures, and updated mitigation advice for rooting out a newly identified malware variant used by the attackers who …

hand
China-linked FamousSparrow APT group resurfaces with enhanced capabilities

ESET investigated suspicious activity on the network of a trade group in the United States that operates in the financial sector. While helping the affected entity remediate …

malware
China-based Silver Fox spoofs healthcare app to deliver malware

Silver Fox, a China-based threat actor that may or may not be backed by the Chinese government, has been delivering the ValleyRAT backdoor to unsuspecting users by disguising …

Deepseek
DeepSeek’s popularity exploited by malware peddlers, scammers

As US-based AI companies struggle with the news that the recently released Chinese-made open source DeepSeek-R1 reasoning model performs as well as theirs for a fraction of …

backdoor
China-aligned PlushDaemon APT compromises supply chain of Korean VPN

ESET researchers have uncovered a supply chain attack targeting a South Korean VPN provider, carried out by PlushDaemon, a newly identified China-aligned APT group. In this …

Don't miss

Cybersecurity news
Daily newsletter sent Monday-Friday
Weekly newsletter sent on Mondays
Editor's choice newsletter sent twice a month
Periodical newsletter released when there is breaking news
Weekly newsletter listing new cybersecurity job positions
Monthly newsletter focusing on open source cybersecurity tools