The Hacker News

XWorm 6.0 Returns with 35+ Plugins and Enhanced Data Theft Capabilities

XWorm V6.0 is designed to connect to its C2 server at 94.159.113 [.]64 on port 4411 and supports a command called "plugin" to ...

XWorm malware resurfaces with ransomware module, over 35 plugins

New versions of the XWorm backdoor are being distributed in phishing campaigns after the original developer, XCoder, ...
Krebs on Security

ShinyHunters Wage Broad Corporate Extortion Spree

On October 5, the Scattered LAPSUS$ Hunters victim shaming and extortion blog announced that the group was responsible for a ...
WeLiveSecurity

New spyware campaigns target privacy-conscious Android users in the UAE

ESET researchers have discovered campaigns distributing spyware disguised as Android Signal and ToTok apps, targeting users ...
Infosecurity Magazine

Chinese-Speaking Cybercrime Group Hijacks IIS Servers for SEO Fraud

Cisco Talos has identified a Chinese-speaking cybercrime group that targets high-value Internet Information Services (IIS) ...

Android spyware campaigns impersonate Signal and ToTok messengers

Two new spyware campaigns that researchers call ProSpy and ToSpy lured Android users with fake upgrades or plugins for the ...

Dangerous DNS malware infects over 30,000 websites - so be on your guard

Security researchers have spotted an enormous malware campaign which managed to quietly compromise more than 30,000 websites, ...
Techopedia

Types of Malware in 2025: What Tactics Do Hackers Use Most?

Discover the types of malware in 2025, from backdoors to ransomware, and learn which families hackers use most in real-world ...
The Hacker News

ThreatsDay Bulletin: CarPlay Exploit, BYOVD Tactics, SQL C2 Attacks, iCloud Backdoor Demand & More

From unpatched cars to hijacked clouds, this week's Threatsday headlines remind us of one thing — no corner of technology is safe. Attackers are scanning firewalls for critical flaws, bending ...