Breaking Cyber News From Cyberint
Breaking news feed of the latest cyber incidents, breaches, vulnerabilities, malware, ransomware and so much more.
May 26, 2025
Vicioustrap Threat Actor Compromises Thousands of Network Devices
Cybersecurity researchers have uncovered a threat actor known as Vicioustrap, who has compromised approximately 5,300 network edge devices across 84 countries, primarily in Macau. This actor exploits a critical vulnerability (CVE-2023-20118) in various Cisco routers to redirect traffic to a honeypot-like infrastructure, allowing them to monitor and intercept network flows. The attack chain involves executing a shell script that facilitates adversary-in-the-middle attacks, with indications that the actor may be of Chinese-speaking origin. The ultimate goal of the Vicioustrap operation remains uncertain, although it is believed to be focused on creating a honeypot network.