Browsing: Security

The destructive Kimwolf botnet has infected millions of unofficial Android TV streaming boxes, forcing them into DDoS attacks and residential proxy services. This article delves into the digital footprints left by the operators and beneficiaries, including Resi Rack, Plainproxies, and Maskify, and highlights the interconnected web of cybercriminal activity surrounding Kimwolf and its predecessor, Aisuru.

Scattered Lapsus ShinyHunters (SLSH) employs aggressive extortion tactics, including harassment and threats against executives and their families. Despite some victims reportedly paying, experts warn that engaging with this unreliable group beyond a refusal to pay only escalates the harassment, as their history suggests they often do not uphold their promises.

The U.S. cyber defense agency, CISA, has mandated that federal civilian agencies patch a critical vulnerability in SolarWinds’ Web Help Desk (WHD) tool by Friday. This flaw, identified as CVE-2025-40551, is actively being exploited by hackers and carries a severity score of 9.8 out of 10.

Secretaries of State are scrambling to replace cybersecurity services once provided by CISA and other federal agencies.

US Customs and Border Protection (CBP) is funding General Dynamics to develop prototype “quantum sensors” integrated with an AI database. This technology aims to detect fentanyl and other illicit substances in vehicles and containers, enhancing national security efforts.

A large-scale Android malware campaign is reportedly exploiting Hugging Face’s public hosting infrastructure to distribute a remote access trojan (RAT). This operation uses social engineering and staged payload delivery, with attackers generating thousands of unique Android package variants to bypass detection, according to Bitdefender Labs.

A new Internet-of-Things (IoT) botnet named Kimwolf has infected over 2 million devices, leveraging them for DDoS attacks and malicious traffic. Research indicates Kimwolf’s surprising prevalence in government and corporate networks, exploiting residential proxy services and vulnerable Android TV boxes to scan and compromise local networks.

Microsoft has rolled out the optional KB5074105 preview cumulative update for Windows 11, bringing 32 changes. This update resolves various issues, including problems with system boot, user sign-in, and Windows activation, offering quality improvements ahead of the next Patch Tuesday.

Google has significantly disrupted IPIDEA, a China-based residential proxy network, removing millions of devices from a malicious network used by cybercriminals and espionage groups. This action highlights the ongoing challenge of dismantling sophisticated cybercrime infrastructure.

A recent investigation uncovered 175,000 publicly exposed Ollama AI servers across 130 countries, creating an unmanaged layer of AI compute infrastructure. These systems, many with tool-calling capabilities, operate outside standard security protocols, making them vulnerable to LLMjacking and other cyber threats.