Cybersecurity
Malicious npm packages steal developer credentials on multiple platforms
Lisa Kern AI द्वारा उत्पन्न छवि
Ten typosquatted npm packages, uploaded on July 4, 2025, have been found downloading an infostealer that targets sensitive data across Windows, Linux, and macOS systems. These packages, mimicking popular libraries, evaded detection through multiple obfuscation layers and amassed nearly 10,000 downloads. Cybersecurity firm Socket reported the threat, noting the packages remain available in the registry.
Amazon outage caused by single failure in AWS network
A software bug in Amazon Web Services' DynamoDB DNS management system triggered a 15-hour outage affecting millions worldwide. The failure originated in the US-East-1 region and cascaded to impact services like Snapchat and Roblox. Amazon engineers detailed the root cause as a race condition that led to inconsistent network states.
Gunra ransomware exploits Windows and Linux with encryption vulnerabilities
The Gunra ransomware group, active since April 2025, targets both Windows and Linux systems worldwide through platform-specific malware variants. While the Windows version employs secure encryption, the Linux variant suffers from critical weaknesses that allow brute-force decryption. Organizations in regions like South Korea have reported infections, highlighting the group's expanding operations.
SquareX exposes spoofing vulnerability in AI browsers
28 अक्टूबर 2025 17:25Kali Linux 2025.3 release introduces new tools and updates
28 अक्टूबर 2025 00:38Qilin ransomware uses WSL to run Linux encryptors on Windows
27 अक्टूबर 2025 10:24Scam targets LastPass users with fake death certificate claims
27 अक्टूबर 2025 09:05Experts warn of OAuth token theft in Microsoft Copilot Studio
27 अक्टूबर 2025 08:30Millions of attacks exploit old WordPress vulnerabilities
25 अक्टूबर 2025 21:42Cuba among first signatories of cybercrime convention
25 अक्टूबर 2025 07:59Amazon web services outage disrupts wide swaths of the web
24 अक्टूबर 2025 09:38Thousands of YouTube videos disguised as cheat codes removed for spreading malware
24 अक्टूबर 2025 06:06Microsoft issues emergency patch for Windows Server
New gentlemen's raas advertised on underground forums
Lisa Kern AI द्वारा उत्पन्न छवि
Threat actor zeta88 is promoting a new ransomware-as-a-service operation called The Gentlemen's RaaS on hacking forums, targeting Windows, Linux, and ESXi systems. The platform offers affiliates 90 percent of ransom payments and features cross-platform encryption tools developed in Go and C. This development highlights the ongoing commercialization of sophisticated ransomware targeting enterprise environments.
Qilin ransomware uses WSL to run Linux encryptors on Windows
Cybersecurity researchers have uncovered a tactic by the Qilin ransomware group that exploits Microsoft's Windows Subsystem for Linux (WSL) to execute Linux-based encryption tools on Windows machines. This method allows attackers to bypass many endpoint detection and response (EDR) systems by operating in a Linux sandbox environment that traditional tools often overlook. The technique highlights the growing sophistication of ransomware operations blending operating systems.
Qilin ransomware deploys Linux binaries against Windows systems
The Qilin ransomware group, also known as Agenda, has developed a hybrid attack using Linux payloads on Windows hosts to evade detection. By abusing legitimate remote management tools and exploiting vulnerable drivers, attackers disable defenses and target backups. This cross-platform tactic highlights evolving ransomware sophistication.
Malicious packages overwhelm NPM with over 86,000 downloads
Security firm Koi has uncovered a campaign called PhantomRaven that flooded the NPM registry with 126 malicious packages since August. These packages, downloaded more than 86,000 times, exploit a feature allowing unvetted dependencies from untrusted sites. As of late October 2025, about 80 of the packages remained available.