Microsoft warns of new XCSSET macOS malware variant targeting Xcode devs

Microsoft Threat Intelligence reports that a new variant of the XCSSET macOS malware has been detected in limited attacks, incorporating several new features, including enhanced browser targeting, clipboard hijacking, and improved persistence mechanisms.

XCSSET is a modular macOS malware that acts as an infostealer and cryptocurrency stealer, stealing Notes, cryptocurrency wallets, and browser data from infected devices. The malware spreads by searching for and infecting other Xcode projects found on the device, so that the malware is executed when the project is built.

“The XCSSET malware is designed to infect Xcode projects, typically used by software developers, and run while an Xcode project is being built,” explains Microsoft.

ShadowV2 Botnet Exploits Misconfigured AWS Docker Containers for DDoS-for-Hire Service

Cybersecurity researchers have disclosed details of a new botnet that customers can rent access to in order to conduct distributed denial-of-service (DDoS) attacks against targets of interest.

The ShadowV2 botnet, according to Darktrace, predominantly targets misconfigured Docker containers on Amazon Web Services (AWS) cloud servers to deploy a Go-based malware that turns infected systems into attack nodes and co-opts them into a larger DDoS botnet. The cybersecurity company said it detected the malware targeting its honeypots on June 24, 2025.

“At the center of this campaign is a Python-based command-and-control (C2) framework hosted on GitHub Codespaces,” security researcher Nathaniel Bill said in a report shared with The Hacker News.

Cloudflare mitigates new record-breaking 22.2 Tbps DDoS attack

Cloudflare has mitigated a distributed denial-of-service (DDoS) attack that peaked at a record-breaking 22.2 terabits per second (Tbps) and 10.6 billion packets per second (Bpps).

DDoS attacks typically exhaust either system or network resources, aiming to make services slow or unavailable to legitimate users.

Record-breaking DDoS attacks are becoming more frequent, as just three weeks ago, Cloudflare disclosed that it mitigated a massive 11.5 Tbps and 5.1 Bpps attack, the largest publicly announced at the time.

Boyd Gaming discloses data breach after suffering a cyberattack

US gaming and casino operator Boyd Gaming Corporation disclosed it suffered a breach after threat actors gained access to its systems and stole data, including employee information and data belonging to a limited number of other individuals.

Boyd Gaming is a public US casino entertainment company with 28 gaming properties in ten states, including Nevada, Illinois, Indiana, Iowa, Kansas, Louisiana, Mississippi, Missouri, Ohio, and Pennsylvania, and the management of a tribal casino in northern California. The firm employs over 16,000 people and had an annual revenue of $3.9 billion in 2024.

In a Tuesday evening FORM 8-K filing with the SEC, Boyd Gaming disclosed it recently suffered a cyberattack in which attackers gained access to its systems.

Libraesva ESG issues emergency fix for bug exploited by state hackers

Libraesva rolled out an emergency update for its Email Security Gateway (ESG) solution to fix a vulnerability exploited by threat actors believed to be state sponsored.

The email security product protects email systems from phishing, malware, spam, business email compromise, and spoofing, using a multi-layer protection architecture.

According to the vendor, Libraesva ESG is used by thousands of small and medium businesses as well as large enterprises worldwide, serving over 200,000 users.
