Posts

The Hacker News - Turla Turns Kazuar Backdoor Into Modular P2P Botnet for Persistent Access

The Russian state-sponsored hacking group known as Turla has transformed its custom backdoor Kazuar into a modular peer-to-peer (P2P) botnet that's engineered for stealth and persistent access to compromised hosts. Turla, per the U.S. Cybersecurity and Infrastructure Security Agency (CISA), is assessed to be affiliated with Center 16 of Russia's Federal Security Service (FSB) from The Hacker News https://thehackernews.com/2026/05/turla-turns-kazuar-backdoor-into.html
Post a Comment
Read more

KnowBe4 - Why Integrate Threat Intelligence Feeds into Email Security?

Image
It's getting harder to distinguish legitimate emails from malicious ones as phishing messages mimic real conversations, use trusted domains and increasingly leverage AI to scale and refine attacks. from KnowBe4 Blog https://blog.knowbe4.com/why-integrate-threat-intelligence-feeds-into-email-security
Post a Comment
Read more

The Hacker News - Four OpenClaw Flaws Enable Data Theft, Privilege Escalation, and Persistence

Cybersecurity researchers have disclosed a set of four security flaws in OpenClaw that could be chained to achieve data theft, privilege escalation, and persistence. The vulnerabilities, collectively dubbed Claw Chain by Cyera, can permit an attacker to establish a foothold, expose sensitive data, and plant backdoors. A brief description of the flaws is below - from The Hacker News https://thehackernews.com/2026/05/four-openclaw-flaws-enable-data-theft.html
Post a Comment
Read more

KnowBe4 - Traffic-Themed SMS Phishing Targets Users Around the World

Image
Researchers at Bitdefender are tracking 40 separate SMS phishing (smishing) campaigns impersonating transport authorities, toll operators, and parking services around the world. The researchers have observed more than 79,000 scam text messages with over 29,000 unique variants. The attacks are targeting users in multiple languages. from KnowBe4 Blog https://blog.knowbe4.com/traffic-themed-sms-phishing-global-campaigns
Post a Comment
Read more

The Hacker News - Stealer Backdoor Found in 3 Node-IPC Versions Targeting Developer Secrets

Cybersecurity researchers are sounding the alarm about what has been described as "malicious activity" in newly published versions of node-ipc. According to Socket and StepSecurity, three different versions of the npm package have been confirmed as malicious - node-ipc@9.1.6 node-ipc@9.2.3 node-ipc@12.0.1 "Early analysis indicates that node-ipc@9.1.6, node-ipc@9.2.3, and node-ipc@12.0.1 from The Hacker News https://thehackernews.com/2026/05/stealer-backdoor-found-in-3-node-ipc.html
Post a Comment
Read more

The Hacker News - ThreatsDay Bulletin: PAN-OS RCE, Mythos cURL Bug, AI Tokenizer Attacks, and 10+ Stories

Everything is still on fire. This week feels dumb in the worst way — bad links, weak checks, fake help desks, shady forum posts, and people turning supply chain attacks into some cursed little game for clout and cash. Half of it feels new. Half of it feels like crap we should have fixed years ago. The mess keeps getting louder: users get tricked, boxes get popped, tools meant for normal work from The Hacker News https://thehackernews.com/2026/05/threatsday-bulletin-pan-os-rce-mythos.html
Post a Comment
Read more