Author: Robert Timlick

  • Chinese Hackers Deploy MarsSnake Backdoor in Multi-Year Attack on Saudi Organization

    Threat hunters have exposed the tactics of a China-aligned threat actor called UnsolicitedBooker that targeted an unnamed international organization in Saudi Arabia with a previously undocumented backdoor dubbed MarsSnake.
    ESET, which first discovered the hacking group’s intrusions targeting the entity in March 2023 and again a year later, said the activity leverages spear-phishing emails using
  • Go-Based Malware Deploys XMRig Miner on Linux Hosts via Redis Configuration Abuse

    Cybersecurity researchers are calling attention to a new Linux cryptojacking campaign that’s targeting publicly accessible Redis servers.
    The malicious activity has been codenamed RedisRaider by Datadog Security Labs.
    “RedisRaider aggressively scans randomized portions of the IPv4 space and uses legitimate Redis configuration commands to execute malicious cron jobs on vulnerable systems,”
  • Malicious PyPI Packages Exploit Instagram and TikTok APIs to Validate User Accounts

    Cybersecurity researchers have uncovered malicious packages uploaded to the Python Package Index (PyPI) repository that act as checker tools to validate stolen email addresses against TikTok and Instagram APIs.
    All three packages are no longer available on PyPI. The names of the Python packages are below –

    checker-SaGaF (2,605 downloads)
    steinlurks (1,049 downloads)
    sinnercore (3,300 downloads)

  • RVTools Official Site Hacked to Deliver Bumblebee Malware via Trojanized Installer

    The official site for RVTools has been hacked to serve a compromised installer for the popular VMware environment reporting utility.
    “Robware.net and RVTools.com are currently offline. We are working expeditiously to restore service and appreciate your patience,” the company said in a statement posted on its website.
    “Robware.net and RVTools.com are the only authorized and supported websites for
  • Ransomware Gangs Use Skitnet Malware for Stealthy Data Theft and Remote Access

    Several ransomware actors are using a malware called Skitnet as part of their post-exploitation efforts to steal sensitive data and establish remote control over compromised hosts.
    “Skitnet has been sold on underground forums like RAMP since April 2024,” Swiss cybersecurity company PRODAFT told The Hacker News. “However, since early 2025, we have observed multiple ransomware operators using it
  • Why CTEM is the Winning Bet for CISOs in 2025

    Continuous Threat Exposure Management (CTEM) has moved from concept to cornerstone, solidifying its role as a strategic enabler for CISOs. No longer a theoretical framework, CTEM now anchors today’s cybersecurity programs by continuously aligning security efforts with real-world risk.
    At the heart of CTEM is the integration of Adversarial Exposure Validation (AEV), an advanced, offensive
  • [Webinar] From Code to Cloud to SOC: Learn a Smarter Way to Defend Modern Applications

    Modern apps move fast—faster than most security teams can keep up. As businesses rush to build in the cloud, security often lags behind. Teams scan code in isolation, react late to cloud threats, and monitor SOC alerts only after damage is done.
    Attackers don’t wait. They exploit vulnerabilities within hours. Yet most organizations take days to respond to critical cloud alerts. That delay isn’t
  • Statewide arts group sues DOGE, National Endowment for the Humanities

    Oregon Humanities says that in cutting federal arts funding, Trump’s team usurped congressional authority.
  • New HTTPBot Botnet Launches 200+ Precision DDoS Attacks on Gaming and Tech Sectors

    Cybersecurity researchers are calling attention to a new botnet malware called HTTPBot that has been used to primarily single out the gaming industry, as well as technology companies and educational institutions in China.
    “Over the past few months, it has expanded aggressively, continuously leveraging infected devices to launch external attacks,” NSFOCUS said in a report published this week. “By
  • Top 10 Best Practices for Effective Data Protection

    Data is the lifeblood of productivity, and protecting sensitive data is more critical than ever. With cyber threats evolving rapidly and data privacy regulations tightening, organizations must stay vigilant and proactive to safeguard their most valuable assets. But how do you build an effective data protection framework?
    In this article, we’ll explore data protection best practices from meeting