Content Paint
Search
Sign in

Vault 33 | Cyber News & Intel

Vault 33 is your ultimate hub for cutting-edge cybersecurity insights, delivering expert analysis, detailed tutorials, research, and the latest updates in threat and vulnerability management.

News  | Mar 27, 2025
Protect Your Genetic Data: Delete 23andMe Info Now
/
Cybersecurity hacker in neon mask within a circuit board, emphasizing data protection and cyber threats.
Intel  | Mar 27, 2025
New ReaderUpdate Malware Targets macOS Users: Threat Insights
/
AI-generated digital environment with cybersecurity shields and data protections, illustrating macOS malware threats.
Intel  | Mar 27, 2025
RedCurl Cyber Threat Evolving: Ransomware Targets Hyper-V Servers
/
AI robot analyzing cybersecurity data in a neon-lit control room, illustrating advanced threats and ransomware vulnerabilities.
Intel  | Mar 27, 2025
New npm Backdoor Attack: Threats to Software Supply Chain
/
Vibrant digital circuit board representing cybersecurity threats and software supply chain vulnerabilities in modern tech.
News  | Mar 27, 2025
Oracle Data Breach: Threat Actor Confirms Stolen User Data
/
Vibrant digital landscape with data security grids and AI elements, symbolizing modern cybersecurity challenges and breaches.
Intel  | Mar 25, 2025
EncryptHub Targets MMC Zero-Day Vulnerability in Windows Systems
/
Futuristic city skyline with quantum data nodes and cybersecurity visuals, highlighting encryption and zero-day vulnerabilities.

Discover Our Featured Posts

Featured Posts

10 Posts
Intel  | Feb 25, 2025
North Korea's $1.5B Crypto Heist: Major Security Wake-Up Call

The cryptocurrency sector is reeling from a massive cyberattack, allegedly orchestrated by North Korea, which resulted in the theft of $1.5 billion from the Dubai-based exchange, Bybit. This incident marks the largest digital asset heist in history, highlighting significant vulnerabilities within the industry. The Heist Unfolds Bybit officials revealed

Vibrant building clusters in north korea, representing cryptocurrency security and hacking threats.
/

The cryptocurrency sector is reeling from a massive cyberattack, allegedly orchestrated by North Korea, which resulted in the theft of $1.5 billion from the Dubai-based exchange, Bybit. This incident marks the largest digital asset heist in history, highlighting significant vulnerabilities within the industry. The Heist Unfolds Bybit officials revealed

Intel  | Feb 19, 2025
Signal Vulnerability: Hackers Use Malicious QR Codes to Hijack Accounts

Recent cyberattacks have highlighted a vulnerability in Signal's device linking feature, allowing hackers to gain unauthorized access to user accounts. These attacks, primarily attributed to Russian-aligned threat actors, exploit the app's legitimate functionality to eavesdrop on communications. Exploitation of Signal's Device Linking The attacks

Cybersecurity visual of circuits and vibrant technology displays, highlighting digital threats and QR code risks.
/

Recent cyberattacks have highlighted a vulnerability in Signal's device linking feature, allowing hackers to gain unauthorized access to user accounts. These attacks, primarily attributed to Russian-aligned threat actors, exploit the app's legitimate functionality to eavesdrop on communications. Exploitation of Signal's Device Linking The attacks

Intel  | Feb 17, 2025
Stealthy FinalDraft Malware Targets Outlook for C2 Operations

A novel malware named FinalDraft has been identified leveraging Outlook email drafts for command-and-control (C2) communications. This sophisticated attack has targeted a government ministry in a South American nation, as discovered by Elastic Security Labs. Malware Attack Overview The attack employs a comprehensive toolkit, including a custom malware loader called

Digital circuit board with lock symbol, representing cybersecurity risks and malware targeting Outlook in C2 operations.
/

A novel malware named FinalDraft has been identified leveraging Outlook email drafts for command-and-control (C2) communications. This sophisticated attack has targeted a government ministry in a South American nation, as discovered by Elastic Security Labs. Malware Attack Overview The attack employs a comprehensive toolkit, including a custom malware loader called

Intel  | Feb 02, 2025
CONTEC CMS8000 Patient Monitors: Vulnerability or Backdoor?

Recent alerts from the Cybersecurity Infrastructure & Security Agency (CISA) and the U.S. Food and Drug Administration (FDA) have raised concerns about potential vulnerabilities in the CONTEC CMS8000 patient monitors. These alerts suggest the presence of a backdoor communicating with a Chinese IP address. However, upon investigation, it appears

Futuristic digital environment illustrating data security, AI technologies, and cybersecurity innovations in vibrant colors.
/

Recent alerts from the Cybersecurity Infrastructure & Security Agency (CISA) and the U.S. Food and Drug Administration (FDA) have raised concerns about potential vulnerabilities in the CONTEC CMS8000 patient monitors. These alerts suggest the presence of a backdoor communicating with a Chinese IP address. However, upon investigation, it appears

Research  | Jan 21, 2025
AI tool GeoSpy analyzes images and identifies locations in seconds

The emergence of GeoSpy, an AI-powered tool, underscores the growing need for caution in online photo sharing. This innovative software swiftly determines a location through image analysis, presenting notable privacy and security concerns. GeoSpy's Capabilities and Development GeoSpy, created by Graylark Technologies, employs artificial intelligence to identify locations

AI tool GeoSpy analyzes images and identifies locations in seconds
/

The emergence of GeoSpy, an AI-powered tool, underscores the growing need for caution in online photo sharing. This innovative software swiftly determines a location through image analysis, presenting notable privacy and security concerns. GeoSpy's Capabilities and Development GeoSpy, created by Graylark Technologies, employs artificial intelligence to identify locations

Intel  | Jan 17, 2025
FBI Informant Communications Compromised: AT&T Breach Reveals Expanded Damage

A significant breach of AT&T's network by the Chinese state-sponsored group, Salt Typhoon, has led to unauthorized access to sensitive U.S. telecommunications data. Active undetected for over 18 months until 2023, the breach exposed critical communications metadata of FBI informants, potentially creating a crisis for

FBI Informant Communications Compromised: AT&T Breach Reveals Expanded Damage
/

A significant breach of AT&T's network by the Chinese state-sponsored group, Salt Typhoon, has led to unauthorized access to sensitive U.S. telecommunications data. Active undetected for over 18 months until 2023, the breach exposed critical communications metadata of FBI informants, potentially creating a crisis for

Intel  | Jan 11, 2025
China's UNC5337 Exploits Critical Ivanti RCE Vulnerability in Repeated Attacks

A Chinese cyber adversary known as UNC5337 has resumed its focus on uncovering vulnerabilities within Ivanti remote access devices, marking another chapter in a series of security challenges faced by the IT vendor. This latest threat leverages a critical remote code execution (RCE) vulnerability discovered in Ivanti’s products, reigniting

China's UNC5337 Exploits Critical Ivanti RCE Vulnerability in Repeated Attacks
/

A Chinese cyber adversary known as UNC5337 has resumed its focus on uncovering vulnerabilities within Ivanti remote access devices, marking another chapter in a series of security challenges faced by the IT vendor. This latest threat leverages a critical remote code execution (RCE) vulnerability discovered in Ivanti’s products, reigniting

News  | Dec 13, 2024
US Government Offering $5 Million for Information on North Korean IT Worker Farms

The United States has announced a reward of up to $5 million for information leading to the disruption of North Korean IT worker schemes. These operations involve illicit remote work practices that fuel the nation's prohibited missile programs. Involved Entities Two companies, Yanbian Silverstar based in China and

US Government Offering $5 Million for Information on North Korean IT Worker Farms
/

The United States has announced a reward of up to $5 million for information leading to the disruption of North Korean IT worker schemes. These operations involve illicit remote work practices that fuel the nation's prohibited missile programs. Involved Entities Two companies, Yanbian Silverstar based in China and

News  | Nov 27, 2024
Researchers Have Discovered a new UEFI Bootkit Malware for Linux

In a groundbreaking discovery, researchers have identified "the first UEFI bootkit specifically engineered to target Linux systems". This represents a significant evolution in bootkit threats, which have historically concentrated on Windows environments. Innovative Threat The UEFI bootkit is a sophisticated form of malware designed to integrate into the

Researchers Have Discovered a new UEFI Bootkit Malware for Linux
/

In a groundbreaking discovery, researchers have identified "the first UEFI bootkit specifically engineered to target Linux systems". This represents a significant evolution in bootkit threats, which have historically concentrated on Windows environments. Innovative Threat The UEFI bootkit is a sophisticated form of malware designed to integrate into the

Intel  | Nov 22, 2024
Hackers breach US firm over Wi-Fi from Russia in 'Nearest Neighbor Attack'

Russian APT28 Hackers Exploit US Company Wi-Fi from Afar In a remarkable demonstration of their capabilities, Russian cyber espionage group APT28, also known as Fancy Bear and linked to Russia's military intelligence agency GRU, successfully infiltrated a U.S. company's Wi-Fi network from a distant location.

Hackers breach US firm over Wi-Fi from Russia in 'Nearest Neighbor Attack'
/

Russian APT28 Hackers Exploit US Company Wi-Fi from Afar In a remarkable demonstration of their capabilities, Russian cyber espionage group APT28, also known as Fancy Bear and linked to Russia's military intelligence agency GRU, successfully infiltrated a U.S. company's Wi-Fi network from a distant location.

Read Our Latest Posts

Latest Posts

345 Posts
News  | Mar 27, 2025
Protect Your Genetic Data: Delete 23andMe Info Now
Cybersecurity hacker in neon mask within a circuit board, emphasizing data protection and cyber threats.

This week, genetic testing company 23andMe filed for bankruptcy, raising concerns about the fate of users' genetic data. With the possibility of data being sold, now is the time to consider deleting your information from their database. Why You Should Act Now When 23andMe first hinted at a potential

Intel  | Mar 27, 2025
New ReaderUpdate Malware Targets macOS Users: Threat Insights
AI-generated digital environment with cybersecurity shields and data protections, illustrating macOS malware threats.

In a recent development, cybersecurity experts have identified new variants of the ReaderUpdate malware targeting macOS users. These variants are written in diverse programming languages such as Crystal, Nim, Rust, and Go, posing a significant threat to users of Apple devices. Emergence of New Malware Variants Initially detected as a

Intel  | Mar 27, 2025
RedCurl Cyber Threat Evolving: Ransomware Targets Hyper-V Servers
AI robot analyzing cybersecurity data in a neon-lit control room, illustrating advanced threats and ransomware vulnerabilities.

A cyber threat group known as 'RedCurl,' which has been involved in covert corporate espionage since 2018, has shifted tactics to include a ransomware encryptor aimed at Hyper-V virtual machines. This marks a significant evolution in their operational strategy, as they previously focused on data exfiltration from corporate

Intel  | Mar 27, 2025
New npm Backdoor Attack: Threats to Software Supply Chain
Vibrant digital circuit board representing cybersecurity threats and software supply chain vulnerabilities in modern tech.

Recent discoveries have unveiled a new threat on the npm (Node package manager) platform, where malicious packages are used to secretly alter legitimate, locally installed packages, embedding a persistent reverse shell backdoor. This tactic ensures that even if the harmful packages are removed, the backdoor remains active on the victim&

News  | Mar 27, 2025
Oracle Data Breach: Threat Actor Confirms Stolen User Data
Vibrant digital landscape with data security grids and AI elements, symbolizing modern cybersecurity challenges and breaches.

Despite Oracle's denial of a breach in its Cloud federated SSO login servers, evidence suggests otherwise. Multiple companies have confirmed the authenticity of data samples allegedly stolen by a threat actor. Details of the Alleged Breach Recently, an individual identified as ‘rose87168’ claimed responsibility for breaching Oracle Cloud

Intel  | Mar 25, 2025
EncryptHub Targets MMC Zero-Day Vulnerability in Windows Systems
Futuristic city skyline with quantum data nodes and cybersecurity visuals, highlighting encryption and zero-day vulnerabilities.

A sophisticated cyber threat actor known as EncryptHub has been identified in a series of zero-day attacks targeting a vulnerability within the Microsoft Management Console (MMC). This flaw, recently patched by Microsoft, allows attackers to bypass security features and execute malicious code on Windows systems. Understanding the MMC Vulnerability The

News  | Mar 25, 2025
VanHelsing RaaS: New Multi-OS Threat with Double Extortion
Cybersecurity circuit board illustration highlighting VanHelsing RaaS threat with neon elements and double extortion themes.

The VanHelsing ransomware-as-a-service (RaaS) has surfaced, impacting three victims since its launch on March 7, 2025. This operation demands ransoms up to $500,000, making it a significant threat in the cybersecurity landscape. Understanding the VanHelsing Model VanHelsing operates on a RaaS model, allowing both seasoned hackers and newcomers to

Intel  | Mar 25, 2025
New Android Malware Uses .NET MAUI to Avoid Detection
Futuristic digital environment with neon circuitry and security interfaces, symbolizing advanced malware threats in cybersecurity.

Recent discoveries reveal that new Android malware campaigns are leveraging Microsoft's cross-platform framework, .NET MAUI, to disguise themselves as legitimate applications and avoid detection. This innovative tactic was identified by McAfee's Mobile Research Team, part of the App Defense Alliance, which focuses on enhancing Android security.

Intel  | Mar 25, 2025
Critical Ingress NGINX Vulnerabilities Enable Remote Code Execution
Vibrant digital circuit board with neon colors illustrating AI-driven cybersecurity mechanisms and data protection technologies.

A significant security flaw has been identified in the Ingress NGINX Controller for Kubernetes, potentially allowing unauthenticated remote code execution. This vulnerability endangers over 6,500 clusters by exposing them to the public internet. Details of the IngressNightmare Vulnerabilities The vulnerabilities, collectively known as IngressNightmare, have been assigned CVE identifiers

Browse by Tags

3 Tags
Intel
Intel
News
News
Research
Research
Your link has expired. Please request a new one.
Your link has expired. Please request a new one.
Your link has expired. Please request a new one.
Great! You've successfully signed up.
Great! You've successfully signed up.
Welcome back! You've successfully signed in.
Success! You now have access to additional content.