Infosec specialists at eSentire have discovered a new ChaosBot backdoor written in Rust that allows its operators to conduct reconnaissance and execute arbitrary commands on compromised hosts. The malware is notable for using Discord as its command-and-control…
Author: HackMag
Major Botnet Attacks RDP Services in the US
A new large-scale botnet has been detected that is attacking Remote Desktop Protocol (RDP) services in the United States, using more than 100,000 IP addresses. Analysts at GreyNoise report that the attacks began on October 8, 2025.
Microsoft Disables IE Mode in Edge Due to Abuse by…
Microsoft developers have overhauled the Internet Explorer (IE) mode in the Edge browser. The reason is that in August 2025 the company received “credible reports” that unknown hackers were abusing the backward compatibility feature to gain unauthorized…
Malware was distributed via Unity’s official website
Unity Technologies, a developer of software for video games, discovered malicious code on its SpeedTree toolkit website that stole confidential data from hundreds of customers.
Microsoft warns of a hacking group stealing university employees’ paychecks
Microsoft analysts have discovered that since March 2025, the group Storm-2657 has been targeting employees at U.S. universities, taking over accounts and redirecting paychecks to its own accounts.
Apple is offering up to $2 million for vulnerabilities in…
Apple has announced a major update and expansion of its bug bounty program. The company is doubling the maximum payouts for bug hunters, adding new categories to the program, and offering up to US$2 million for complex…
FBI shuts down yet another version of BreachForums
The FBI has seized yet another BreachForums domain (Breachforums[.]hn) that hackers used for data dumps, listing 39 organizations affected by Salesforce-related data breaches. The threat actors now claim that law enforcement not only took the site offline…
Velociraptor Forensic Tool Used to Deploy LockBit and Babuk Ransomware
Cisco Talos analysts warn that the Velociraptor tool, designed for digital forensics and incident response, is being used in LockBit and Babuk ransomware attacks.
Anthropic: As few as 250 malicious documents in the training…
Anthropic specialists, together with the UK government’s AI Safety Institute, the Alan Turing Institute, and other academic institutions, reported that as few as 250 specially crafted malicious documents are enough to make an AI model generate nonsensical…
Attackers stole firewall configurations for all SonicWall customers who used…
SonicWall has confirmed that the data leak that occurred last month affected all customers who used the company’s cloud backup service. As a result, firewall configurations stored in MySonicWall ended up in the hands of hackers.
RondoDox Botnet Exploits 56 Vulnerabilities in Its Attacks
A large botnet, RondoDox, has been discovered that exploits 56 vulnerabilities in more than 30 different devices, including bugs first showcased at the Pwn2Own hacking competition.
Mic-E-Mouse Attack Turns a Computer Mouse into an Eavesdropping Device
Researchers from the University of California, Irvine have presented the Mic-E-Mouse attack. The specialists demonstrate that high-DPI optical sensors in modern mice can pick up minute surface vibrations, enabling highly accurate reconstruction of words spoken near the…
Figma MCP vulnerability allowed remote arbitrary code execution
Researchers from Imperva have disclosed details of a now-patched vulnerability in the popular figma-developer-mcp (Model Context Protocol, MCP) server. The issue allowed attackers to remotely execute arbitrary code.
Google won’t fix the ASCII smuggling issue in the Gemini…
Google developers have reported that the “ASCII character smuggling” issue in Gemini will not be fixed. Such an attack can be used to trick the AI assistant into providing users with false information, altering the model’s behavior,…
Clop attacks Oracle E-Business Suite users via a 0-day vulnerability
Last week, Oracle warned customers about a critical 0-day vulnerability in E-Business Suite (CVE-2025-61882) that allows arbitrary code to be executed remotely without authentication. It has now come to light that the Clop hacking group has been…
Salesforce says it won’t pay the ransomware hackers who stole…
Salesforce representatives said they do not intend to negotiate or pay a ransom to the attackers behind a series of large-scale attacks involving the theft of the company’s customer data. The hackers are currently trying to extort…
In 2025, North Korean hackers stole more than $2 billion
According to blockchain analysts at Elliptic, over the first nine months of 2025, North Korean hackers stole more than $2 billion worth of cryptocurrency assets, setting a new record.
Discord confirms hackers stole government IDs from 70,000 users
Discord has stated that it will not pay a ransom to the attackers who claim to have stolen data on 5.5 million users. The stolen data includes copies of government IDs and partial payment information for some…
Qualcomm acquires Arduino and announces the UNO Q single-board computer
Qualcomm, a company that designs and manufactures chips for mobile phones and other electronics, is acquiring Arduino — the Italian company known for its open-source hardware and software ecosystem. In its statement, Qualcomm emphasizes that Arduino will…
Fires at South Korean data centers destroyed 858 TB of…
In late September 2025, South Korea faced one of the largest technological disruptions in its history. Two fires at data centers, occurring within a week, crippled hundreds of government online services, including e-government portals, postal, and tax…