A new distributed denial-of-service (DDoS) botnet known as Kimwolf has enlisted a massive army of no fewer than 1.8 million infected devices comprising Android-based TVs, set-top boxes, and tablets, and may be associated with another botnet known as AISURU, according to findings from QiAnXin XLab. “Kimwolf is a botnet compiled using the NDK [Native Development…
But media reports described the attack as causing major disruption to PDVSA, the state-owned oil and natural gas company.
Amazon detailed a long-running campaign by Russia against critical infrastructure organizations, particularly in the energy sector.
An ongoing campaign has been observed targeting Amazon Web Services (AWS) customers using compromised Identity and Access Management (IAM) credentials to enable cryptocurrency mining. The activity, first detected by Amazon’s GuardDuty managed threat detection service and its automated security monitoring systems on November 2, 2025, employs never-before-seen persistence techniques to hamper…
Urban VPN Proxy, which claims to protect users’ privacy, collects data from conversations with ChatGPT, Claude, Gemini, Copilot and other AI assistants.
Two Apple zero-day vulnerabilities discovered this month have overlap with another mysterious zero-day flaw Google patched last week.
Etay Mayor, a cybersecurity strategist and professor, shares his journey, insights, and advice on breaking into the diverse and ever-evolving field of cybersecurity.
A Google Chrome extension with a “Featured” badge and six million users has been observed silently gathering every prompt entered by users into artificial intelligence (AI)-powered chatbots like OpenAI ChatGPT, Anthropic Claude, Microsoft Copilot, DeepSeek, Google Gemini, xAI Grok, Meta AI, and Perplexity. The extension in question is Urban VPN Proxy, which has a 4.7…
A new version of VolkLocker, wielded by the pro-Russia RaaS group CyberVolk, has some key enhancements but one fatal flaw.
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Friday added a high-severity flaw impacting Sierra Wireless AirLink ALEOS routers to its Known Exploited Vulnerabilities (KEV) catalog, following reports of active exploitation in the wild. CVE-2018-4063 (CVSS score: 8.8/9.9) refers to an unrestricted file upload vulnerability that could be exploited to achieve remote code …