DATA BREACH

Iran's MuddyWater Targets Orgs With Fresh Malware as Tensions Mount

DATA BREACH | Zerowl

With a new attack campaign delivering multiple new strains of custom malware, the nation-state threat group MuddyWater is not wasting any time in stepping.

Supply Chain Attack Secretly Installs OpenClaw for Cline Users

Someone wasn't keeping up with OpenClaw's rapid spread. This week, cybersecurity vendors observed a.

Supply Chain Attack Embeds Malware in Android Devices

Researchers have discovered new malware that infects every app on compromised systems and gives attackers virtually unfettered remote access to them This.

Poland Energy Resists Attack on Solar and Wind Facilities

Despite its failure, the late-last-year attack on Poland's energy sector was the first significant assault on decentralized energy resources (DERs), such.

ClickFix Attacks Deliver ModeloRAT by Abusing the DNS Lookup Command

By employing a new command to get around security and force users to infect their own devices with malware, in this case a remote access Trojan (RAT) for.

Operation DoppelBrand: Weaponizing Fortune 500 Brands

Discover how Fortune 500 companies have been the target of a widespread phishing campaign by an elusive, profit-driven threat actor known as GS7, which.

Ivanti EPMM Zero-Day Bugs Spark Exploit Frenzy — Again

Another sobering reminder of the success hackers have been having with edge devices in general, a new round of serious flaws in an Ivanti product has.

Microsoft Office Zero-Day Actively Exploited in Targeted Cyberattacks

A critical security feature bypass vulnerability affecting Office applications has been revealed by Microsoft, and there is proof that it is being

Chrome Zero-Day Exploited to Deliver Italian Memento Labs' LeetAgent Spyware

Kaspersky: a tool related to espionage was distributed as a result of a zero-day exploit of a Google Chrome vulnerability. CVE-2025-2783 (CVSS score:

Chinese Threat Group 'Jewelbug' Quietly Infiltrated Russian IT Network for Months

A five-month-long intrusion targeting a Russian IT service provider has been attributed to a threat actor with ties to China. The hacking group's expansion to the country beyond Southeast Asi

Chinese Threat Actors Exploit ToolShell SharePoint Flaw Weeks After Microsoft's July Patch

According to Symantec, three Chinese threat groups have turned a zero-day vulnerability into a weapon. Attackers have targeted government agencies in the United States, South America, and an

Chinese Cybercrime Group Runs Global SEO Fraud Ring Using Compromised IIS Servers

Search engine optimization (SEO) fraud has been linked to the Chinese-speaking cybercrime group UAT-8099. Microsoft Internet Information Services (IIS) servers are the intended target of the

China-Linked Tick Group Exploits Lanscope Zero-Day to Hijack Corporate Systems

Tick, a suspected Chinese cyberespionage actor, is also referred to as Bronze Butler, Daserf, REDBALDKNIGHT, Stalker Panda, and Stalker Taurus. It is well-known for its widespread targeting o

China-Linked Hackers Exploit Windows Shortcut Flaw to Target European Diplomats

A new series of attacks that takes advantage of an unpatched Windows shortcut vulnerability has been connected to a threat actor with ties to China. Between September and October of 2025, Eur

ASD Warns of Ongoing BADCANDY Attacks Exploiting Cisco IOS XE Vulnerability

A bulletin about persistent cyberattacks targeting unpatched Cisco IOS XE devices in the nation was released by the Australian Signals Directorate (ASD). According to the intelligence agency,

Analysing ClickFix: 3 Reasons Why Copy/Paste Attacks Are Driving Security Breaches

ClickFix attacks require the user to resolve a challenge or issue within the browser. By copying malicious code from the page clipboard and executing it locally, they deceive users into execu

Active Directory Under Siege: Why Critical Infrastructure Needs Stronger Security

For more than 90% of Fortune 1000 companies, Active Directory continues to be the foundation for authentication. AD is the source of authentication and authorization for all applications, use

3,000 YouTube Videos Exposed as Malware Traps in Massive Ghost Network Operation

It has been noted that a network of YouTube accounts promotes videos that result in the download of malware. To date, the network has released over 3,000 malicious videos; since the beginning

2025 Cybersecurity Reality Check: Breaches Hidden, Attack Surfaces Growing, and AI Misperceptions Rising

The current state of cyber defense is starkly depicted in Bitdefender's 2025 Cybersecurity Assessment Report. Even when they felt that disclosure was required, 58% of security professionals w
