Astaroth Banking Trojan Abuses GitHub to Remain Operational After Takedowns

/in

Cybersecurity researchers are calling attention to a new campaign that delivers the Astaroth banking trojan that employs GitHub as a backbone for its operations to stay resilient in the face of infrastructure takedowns.
“Instead of relying solely on traditional command-and-control (C2) servers that can be taken down, these attackers are leveraging GitHub repositories to host malware

The Hacker News – ​Read More

Don’t want to upgrade to Windows 11? You don’t have to, but here’s what you should know

/in

Microsoft wants you to move on from Windows 10, but with the right tools, services, and habits, it’s possible to keep the older OS on your PC for years to come.

Latest news – ​Read More

New Rust-Based Malware “ChaosBot” Uses Discord Channels to Control Victims’ PCs

/in

Cybersecurity researchers have disclosed details of a new Rust-based backdoor called ChaosBot that can allow operators to conduct reconnaissance and execute arbitrary commands on compromised hosts.
“Threat actors leveraged compromised credentials that mapped to both Cisco VPN and an over-privileged Active Directory account named, ‘serviceaccount,'” eSentire said in a technical report published

The Hacker News – ​Read More

Feeling lonely at work? You’re not alone – 5 ways to boost your team’s morale

/in

If your team’s energy is fading, these simple leadership tips can help kindle it.

Latest news – ​Read More

New Oracle E-Business Suite Bug Could Let Hackers Access Data Without Login

/in

Oracle on Saturday issued a security alert warning of a fresh security flaw impacting its E-Business Suite that it said could allow unauthorized access to sensitive data.
The vulnerability, tracked as CVE-2025-61884, carries a CVSS score of 7.5, indicating high severity. It affects versions from 12.2.3 through 12.2.14.
“Easily exploitable vulnerability allows an unauthenticated attacker with

The Hacker News – ​Read More

These Bose headphones took my favorite AirPods Max battery feature – and did it even better

/in

Expanded battery capacity is a plus, but smarter power management is even better.

Latest news – ​Read More

I thought the Bose QuietComfort headphones already hit their peak – then I tried the newest model

/in

With the new QuietComfort Ultra 2, Bose doesn’t try to reinvent the wheel. Instead, it’s made strides in almost every essential aspect.

Latest news – ​Read More

Experts Warn of Widespread SonicWall VPN Compromise Impacting Over 100 Accounts

/in

Cybersecurity company Huntress on Friday warned of “widespread compromise” of SonicWall SSL VPN devices to access multiple customer environments.
“Threat actors are authenticating into multiple accounts rapidly across compromised devices,” it said. “The speed and scale of these attacks imply that the attackers appear to control valid credentials rather than brute-forcing.”
A significant chunk of

The Hacker News – ​Read More

Hackers Turn Velociraptor DFIR Tool Into Weapon in LockBit Ransomware Attacks

/in

Threat actors are abusing Velociraptor, an open-source digital forensics and incident response (DFIR) tool, in connection with ransomware attacks likely orchestrated by Storm-2603 (aka CL-CRI-1040 or Gold Salem), which is known for deploying the Warlock and LockBit ransomware.
The threat actor’s use of the security utility was documented by Sophos last month. It’s assessed that the attackers

The Hacker News – ​Read More

‘Happy Gilmore’ Producer Buys Spyware Maker NSO Group

/in

Plus: US government cybersecurity staffers get reassigned to do immigration work, a hack exposes sensitive age-verification data of Discord users, and more.

Security Latest – ​Read More