Security
Headlines
HeadlinesLatestCVEs

Tag

#backdoor

Chinese APT Hits Philippine Military Firm with New EggStreme Fileless Malware

Bitdefender uncovers EggStreme, a fileless malware by a China-based APT targeting the Philippine military and APAC organisations. Cybersecurity…

HackRead
Open in Source
#google#git#intel#backdoor
Chinese APT Deploys EggStreme Fileless Malware to Breach Philippine Military Systems

An advanced persistent threat (APT) group from China has been attributed to the compromise of a Philippines-based military company using a previously undocumented fileless malware framework called EggStreme. "This multi-stage toolset achieves persistent, low-profile espionage by injecting malicious code directly into memory and leveraging DLL sideloading to execute payloads," Bitdefender

CHILLYHELL macOS Backdoor and ZynorRAT RAT Threaten macOS, Windows, and Linux Systems

Cybersecurity researchers have discovered two new malware families, including a modular Apple macOS backdoor called CHILLYHELL and a Go-based remote access trojan (RAT) named ZynorRAT that can target both Windows and Linux systems. According to an analysis from Jamf Threat Labs, ChillyHell is written in C++ and is developed for Intel architectures. CHILLYHELL is the name assigned to a malware

Dormant macOS Backdoor ChillyHell Resurfaces

With multiple persistence mechanisms, the modular malware can brute-force passwords, drop payloads, and communicate over different protocols.

New Buterat Backdoor Malware Found in Enterprise and Government Networks

Meet Buterat, a new backdoor malware spreading through phishing and trojanized downloads, giving attackers persistent access to enterprise and government networks.

Cindy Cohn Is Leaving the EFF, but Not the Fight for Digital Rights

After 25 years at the Electronic Frontier Foundation, Cindy Cohn is stepping down as executive director. In a WIRED interview, she reflects on encryption, AI, and why she’s not ready to quit the battle.

20 Popular npm Packages With 2 Billion Weekly Downloads Compromised in Supply Chain Attack

Multiple npm packages have been compromised as part of a software supply chain attack after a maintainer's account was compromised in a phishing attack. The attack targeted Josh Junon (aka Qix), who received an email message that mimicked npm ("support@npmjs[.]help"), urging them to update their update their two-factor authentication (2FA) credentials before September 10, 2025, by clicking on

⚡ Weekly Recap: Drift Breach Chaos, Zero-Days Active, Patch Warnings, Smarter Threats & More

Cybersecurity never slows down. Every week brings new threats, new vulnerabilities, and new lessons for defenders. For security and IT teams, the challenge is not just keeping up with the news—it’s knowing which risks matter most right now. That’s what this digest is here for: a clear, simple briefing to help you focus where it counts. This week, one story stands out above the rest: the

Noisy Bear Targets Kazakhstan Energy Sector With BarrelFire Phishing Campaign

A threat actor possibly of Russian origin has been attributed to a new set of attacks targeting the energy sector in Kazakhstan. The activity, codenamed Operation BarrelFire, is tied to a new threat group tracked by Seqrite Labs as Noisy Bear. The threat actor has been active since at least April 2025. "The campaign is targeted towards employees of KazMunaiGas or KMG where the threat entity

Critical SAP Vulnerability CVE-2025-42957 Actively Exploited by Hackers

Urgent security alert for SAP users! A critical vulnerability (CVE-2025-42957) allows attackers to take full control of your…