Google Disrupts IPIDEA Residential Proxy Network
Google researchers observed more than 550 individual threat groups using IPIDEA exit nodes during a one-week period earlier this month.
Author Bio
Dennis Fisher
Editor
Dennis Fisher is an award-winning journalist and author. He is one of the co-founders of Decipher and Threatpost and has been writing about cybersecurity since 2000. Dennis enjoys finding the stories behind the headlines and digging into the motivations and thinking of both defenders and attackers. He is the author of 2.5 novels and once met Shaq. Contact: dennis at decipher.sc.
Featured Articles
Cybercrime and APT Groups Exploiting WinRAR Bug
Exploitation of CVE-2025-8088 in the wild began before disclosure, with attacks confirmed as early as July 18, 2025.
Microsoft Releases Emergency Patch for CVE-2026-21509
The vulnerability (CVE-2026-21509) requires user interaction for an attack to succeed, with the most likely vector being an attacker sending a malicious Office file to a victim, who then opens it.
Fortinet FortiGate Devices Targeted in New Campaign
This activity shares some similarities with a campaign that researchers at Arctic Wolf identified in December. That campaign started soon after Fortinet disclosed two authentication bypass flaws (CVE-2025-59718 and CVE-2025-59719).
High-Risk Authentication Bypass Flaw Found in Telnetd
The flaw is in the way that the telnetd server handles some specific user-supplied data. An attacker who exploits this vulnerability would be able to bypass the authentication path and gain root privileges.
The RedVDS Takedown, Yet Another Chinese APT Emerges, and the StackWarp AMD Bug
This week, we talk about how Microsoft disrupted a long-running, large-scale cybercrime-as-a-service platform called RedVDS that has been active since 2019 and was used in high-volume phishing and BEC scams (1:00), then we discuss the research from Cisco Talos on another (!) Chinese APT called UAT-8837 that is targeting critical infrastructure organizations in North America […]