Security
Headlines
HeadlinesLatestCVEs

Tag

#backdoor

WinRAR Zero-Day CVE-2025-8088 Exploited to Spread RomCom Malware

Critical WinRAR flaw CVE-2025-8088 exploited by Russia-linked hackers to spread RomCom malware, update to version 7.13 now to…

HackRead
Open in Source
#vulnerability#web#backdoor#zero_day#firefox
ReVault! When your SoC turns against you… deep dive edition

Talos reported 5 vulnerabilities to Broadcom and Dell affecting both the ControlVault3 Firmware and its associated Windows APIs that we are calling “ReVault”.

The US Court Records System Has Been Hacked

Plus: Instagram sparks a privacy backlash over its new map feature, hackers steal data from Google's customer support system, and the true scope of the Columbia University hack comes into focus.

Hackers Went Looking for a Backdoor in High-Security Safes—and Now Can Open Them in Seconds

Security researchers found two techniques to crack at least eight brands of electronic safes—used to secure everything from guns to narcotics—that are sold with Securam Prologic locks.

Encryption Made for Police and Military Radios May Be Easily Cracked

Researchers found that an encryption algorithm likely used by law enforcement and special forces can have weaknesses that could allow an attacker to listen in.

Backdoors & Breaches: How Talos is helping humanitarian aid NGOs prepare for cyber attacks

In 2023, Cisco Talos and partners created a special Backdoors & Breaches card deck to help NGOs improve their cybersecurity skills with practical, easy-to-use training tailored to their needs.

⚡ Weekly Recap: VPN 0-Day, Encryption Backdoor, AI Malware, macOS Flaw, ATM Hack & More

Malware isn’t just trying to hide anymore—it’s trying to belong. We’re seeing code that talks like us, logs like us, even documents itself like a helpful teammate. Some threats now look more like developer tools than exploits. Others borrow trust from open-source platforms, or quietly build themselves out of AI-written snippets. It’s not just about being malicious—it’s about being believable.

New Attack Uses Windows Shortcut Files to Install REMCOS Backdoor

Security firm Point Wild has exposed a new malware campaign using malicious LNK files to install the REMCOS backdoor. This report details how attackers disguise files to gain full system control.

New ‘Plague’ PAM Backdoor Exposes Critical Linux Systems to Silent Credential Theft

Cybersecurity researchers have flagged a previously undocumented Linux backdoor dubbed Plague that has managed to evade detection for a year. "The implant is built as a malicious PAM (Pluggable Authentication Module), enabling attackers to silently bypass system authentication and gain persistent SSH access," Nextron Systems researcher Pierre-Henri Pezier said. Pluggable Authentication Modules

Storm-2603 Deploys DNS-Controlled Backdoor in Warlock and LockBit Ransomware Attacks

The threat actor linked to the exploitation of the recently disclosed security flaws in Microsoft SharePoint Server is using a bespoke command-and-control (C2) framework called AK47 C2 (also spelled ak47c2) in its operations. The framework includes at least two different types of clients, HTTP-based and Domain Name System (DNS)-based, which have been dubbed AK47HTTP and AK47DNS, respectively, by