You must login to view this content
A sprawling network that’s seemingly maintained to serve (illegal) online gambling opportunities and deliver malware to Indonesian citizens is likely also being used to provide threat actors command and control (C2) and anonymity services. “The infrastructure has been active for at least 14 years and currently spans 328,039 domains: 236,433 purchased domains, 90,125 hacked websites, and 1,481 hijacked subdomains, including subdomains of government websites,” says Kobi Ben Naim, CEO and Head of Research at Malanta. … More →
The post Massive gambling network doubles as hidden C2 and anonymity infrastructure, researchers say appeared first on Help Net Security.
CISA has added two critical Android Framework vulnerabilities to its Known Exploited Vulnerabilities catalog, signaling active exploitation in the wild. The vulnerabilities affect the Android OS and pose significant risks to millions of mobile devices worldwide. CISA added the vulnerabilities to its KEV catalog on December 2, 2025, requiring federal agencies and critical infrastructure operators […]
The post CISA Warns of Android 0-Day Vulnerability Exploited in Attacks appeared first on Cyber Security News.
MuddyWater, an Iran-aligned cyberespionage group also known as Mango Sandstorm, has launched a new, highly targeted campaign against critical infrastructure in Israel and Egypt. Active from September 2024 through March 2025, the group zeroed in on diverse sectors including engineering, utilities, local government, and technology. This operation marks a distinct evolution in their operational maturity, […]
The post MuddyWater Attacks Critical Infrastructure With Custom Malware and Improved Tactics appeared first on Cyber Security News.
You must login to view this content