Vulnerabilities Patched in Qualcomm, Mediatek Chipsets

Chip makers Qualcomm and Mediatek have released patches for many vulnerabilities across their products.

The post Vulnerabilities Patched in Qualcomm, Mediatek Chipsets appeared first on SecurityWeek.

Salesforce’s AgentExchange launches with 200+ partners to automate your boring work tasks

Salesforce launches AgentExchange, a new AI marketplace that lets businesses deploy automated AI agents to streamline work, enhance productivity, and tap into the $6 trillion digital labor market.

Security News | VentureBeat

Google Patches Pair of Exploited Vulnerabilities in Android

Android’s March 2025 security update addresses over 40 vulnerabilities, including two actively exploited in the wild.

The post Google Patches Pair of Exploited Vulnerabilities in Android appeared first on SecurityWeek.

New Chinese Zhong Stealer Infects Fintech via Customer Support

A new malware threat called Zhong Stealer has surfaced from China, and it’s already slipping into businesses through…

Hackread – Latest Cybersecurity, Tech, AI, Crypto & Hacking News

Release Notes: Threat Intelligence Reports, New Website Design, & Enhanced Detection

Hey, cybersecurity enthusiasts! 

February brought major enhancements to ANY.RUN, improving threat intelligence, detection capabilities, and overall user experience. 

With the launch of Threat Intelligence Reports, security professionals now have access to detailed, expert-driven analyses of cyber threats, malware, and APT activities.

We also introduced a redesigned website, making navigation more intuitive and structured. 

On the detection side, we significantly improved our threat-hunting capabilities, adding 314 new Suricata rules, refining behavior signatures, and expanding our YARA rule database. These updates strengthen real-time threat visibility and detection accuracy, helping analysts respond faster to emerging cyber threats. 

Let’s take a closer look at February’s updates and how they enhance your malware-hunting workflow. 

Product Updates 

Threat Intelligence Reports

In February, ANY.RUN introduced Threat Intelligence Reports in TI Lookup: detailed research on cyber threats, providing security professionals and decision-makers with actionable insights. 

Curated by our experts, these reports support threat monitoring, incident response, R&D, and strategic planning, covering malware, ransomware, phishing campaigns, and APTs.  

Built on real-world threat data, sources include our Interactive Sandbox, TI Lookup, and community-driven malware analyses. 

An example of a recent TI report

How to access TI Reports 

Paid TI Lookup users get full reports, while summaries and select reports are available for free. 

  1. Go to intelligence.any.run
  2. Click the TI Reports icon on the left.
  3. Select a report from the feed.

New reports are marked with a “New” badge for quick access. 

What’s inside TI Reports? 

Each report provides a detailed threat overview, covering key aspects such as: 

  • Threat actor or malware profile: Origins, objectives, targeted industries, and regions. 
  • TTPs: Methods used by attackers, helping in detection and mitigation. 
  • IOCs, IOBs, IOAs: Critical data for identifying threats in your environment. 
  • YARA and SIGMA rules: Ready-to-use detection rules for security systems. 
  • Sandbox analysis links: Direct access to real-world threat samples in action. 
  • Additional references: Supporting research and external resources for deeper insights. 

New Website Design: A More User-Friendly Experience 

In February, we introduced a redesigned ANY.RUN website, making it more intuitive, structured, and easier to navigate. With the new design, all essential cybersecurity resources and solutions are better organized and easily accessible.

The new redesigned webpage of ANY.RUN

Whether you’re exploring threat intelligence, running sandbox analyses, or researching cybersecurity insights, the updated layout enhances usability for both security experts and new users. 

Threat Coverage Updates 

Suricata Rules 

In February, we added 314 new Suricata rules, strengthening our network-based threat detection. Notable updates include: 

  • A Booking.com phishing rule, designed to detect fraudulent activity targeting users. 
  • A rule for Australia Gov phishing attempts, though it covers only partial cases due to dynamic URL changes and regional access restrictions. 

New Behavior Signatures 

This month, we expanded behavior-based detection, adding new mutex findings, threat detections, and suspicious activity signatures. These updates improve the ability to track malware persistence mechanisms and evasive techniques in real-time. 

New Malware & Threat Detections 

Suspicious Activities & Evasion Techniques 

  • Disabling Windows security features: 
  • Firewall 
  • SmartScreen 
  • Task Manager 
  • Command Prompt 
  • Remote Desktop Access 

Additional Mutex Detections 

  • Darkside, Crytox, Xtreme, Funlocker, Redlocker, Roblox, Aida64, Smartsteamemu, Processlasso, Cactus, Phobos 
  • Nitrogen (mutex & detection) 
  • Various software-related mutex detections, including COYOTE mutex, Proxifier, Wireshark, Java, Adguardvpn, Cheatengine, Opera, Electron Js, Adobeinstaller, Hotbar, Quickdriverupdater, and Pcappstore

New YARA Rule Updates 

In February, we expanded our YARA rule database, enhancing malware detection and classification. The latest rules target a variety of stealers, RATs, ransomware, and loaders, improving detection accuracy for emerging threats. 

  • Spearal 
  • Veaty 
  • Clipog 
  • Cerbfyne 
  • Funklocker 
  • Redlocker 
  • Cloudscout 
  • MillenniumRAT 
  • JasonRAT 
  • Meduza 
  • CelestialRAT 
  • RansomHub 
  • Xorist 
  • Hellcat 
  • HKBot 
  • MiyaRAT 
  • Zhong 
  • DarkTrack 


About ANY.RUN

ANY.RUN helps more than 500,000 cybersecurity professionals worldwide. Our interactive sandbox simplifies malware analysis of threats that target both Windows and Linux systems. Our threat intelligence products, TI Lookup, YARA Search, and Feeds, help you find IOCs or files to learn more about the threats and respond to incidents faster.

The post Release Notes: Threat Intelligence Reports, New Website Design, & Enhanced Detection appeared first on ANY.RUN’s Cybersecurity Blog.

Over 4,000 ISP IPs Targeted in Brute-Force Attacks to Deploy Info Stealers and Cryptominers

Internet service providers (ISPs) in China and the West Coast of the United States have become the target of a mass exploitation campaign that deploys information stealers and cryptocurrency miners on compromised hosts.
The findings come from the Splunk Threat Research Team, which said the activity also led to the delivery of various binaries that facilitate data exfiltration as well as offer

The Hacker News

Suspected Iranian Hackers Used Compromised Indian Firm’s Email to Target U.A.E. Aviation Sector

Threat hunters are calling attention to a new highly-targeted phishing campaign that singled out “fewer than five” entities in the United Arab Emirates (U.A.E.) to deliver a previously undocumented Golang backdoor dubbed Sosano.
The malicious activity was specifically directed against aviation and satellite communications organizations, according to Proofpoint, which detected it in late October

The Hacker News

Exploitation Long Known for Most of CISA’s Latest KEV Additions

Exploitation has been known for months or years for most of the latest vulnerabilities added by CISA to its KEV catalog.

The post Exploitation Long Known for Most of CISA’s Latest KEV Additions appeared first on SecurityWeek.

Cisco, Hitachi, Microsoft, and Progress Flaws Actively Exploited—CISA Sounds Alarm

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added five security flaws impacting software from Cisco, Hitachi Vantara, Microsoft Windows, and Progress WhatsUp Gold to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation.
The list of vulnerabilities is as follows –

CVE-2023-20118 (CVSS score: 6.5) – A command injection

The Hacker News

Google’s March 2025 Android Security Update Fixes Two Actively Exploited Vulnerabilities

Google has released its monthly Android Security Bulletin for March 2025 to address a total of 44 vulnerabilities, including two that it said have come under active exploitation in the wild.
The two high-severity vulnerabilities are listed below –

CVE-2024-43093 – A privilege escalation flaw in the Framework component that could result in unauthorized access to “Android/data,” “Android/obb,”

The Hacker News