Darktrace reveals ShadowV2 botnet exploiting Docker misconfigurations in AWS

The campaign detailed in the report, dubbed “ShadowV2,” is a Python-based command-and-control framework hosted on GitHub ...
The Hacker News

Researchers Expose Phishing Threats Distributing CountLoader and PureRAT

Amatera Stealer, once launched, gathers system information, collects files matching a predefined list of extensions, and ...
Infosecurity Magazine

Confucius Shifts from Document Stealers to Python Backdoors

The Confucius cyber-espionage group has shifted its tactics from document-focused stealers to Python-based backdoors like ...
TechSpot

The rise of mega botnets weaponizing hacked devices for internet-scale attacks

A hot potato: For years, cloud providers and internet backbone operators have been able to absorb smaller-scale assaults. Whether their defenses can withstand the reach of today's massive botnets ...

That annoying SMS phish you just got may have come from a box like this

Scammers have been abusing unsecured cellular routers used in industrial settings to blast SMS-based phishing messages in campaigns that have been ongoing since 2023, researchers said.
Wall Street Journal

The Boys Are Not Alright

Apple’s new Liquid Glass iPhone redesign is its biggest visual makeover in years. WSJ’s Joanna Stern shows you what’s new—and how to turn off the changes you don’t like. Photo Illustration: Jacob ...
Bleeping Computer

SystemBC malware turns infected VPS systems into proxy highway

The operators of the SystemBC proxy botnet are hunting for vulnerable commercial virtual private servers (VPS) and maintain an average of 1,500 bots every day that provide a highway for malicious ...
Wall Street Journal

The Feds Destroyed an Internet Weapon, but Criminals Picked Up the Pieces

Federal authorities recently disrupted a network of hacked devices used by criminals in some of the largest online attacks yet seen. Now those devices have been hacked by someone new to build an even ...
PC Gamer

US DoJ puts $11 million bounty on ransomware king allegedly responsible for stealing $18 billion

Security One UK national arrested in joint-US operation is accused of being part of Scattered Spider, a group involved 'in a sweeping cyber extortion scheme' that resulted in over $115,000,000 in ...
TechRadar

A huge Android ad fraud network was distributing malware through 224 apps - until Google fought back

SlopAds was a massive ad fraud scheme involving over 224 AI-themed apps that generated fake ad views and clicks The apps were downloaded more than 38 million times globally, peaking at 2.3 billion ad ...
Ars Technica

Here’s how potent Atomic credential stealer is finding its way onto Macs

Ads prominently displayed on search engines are impersonating a wide range of online services in a bid to infect Macs with a potent credential stealer, security companies have warned. The latest ...
TechRadar

Google confirms hackers created their own account in sensitive law enforcement portal

Cybercriminals created a fraudulent account on Google’s Law Enforcement Request System No user data was accessed, but the breach raises concerns about flaws in Google’s approval process The group ...