Cybersecurity researchers have noted a rise in mass scanning and brute-forcing attempts originating from Proton66, a Russian bulletproof hosting service provider. These attempts, which started early 2025, have focused on organizations globally. Various malware families, including GootLoader and SpyNote use Proton66 for their command-and-control servers and phishing pages. Trustwave’s analysis has also revealed the use of compromised WordPress websites for directing Android device users to phishing pages mimicking Google Play for downloading harmful APK files.
Devices exposed to remote hacking via Erlang/OTP SSH vulnerability
The Erlang/Open Telecom Platform (OTP) SSH implementation contains a critical security vulnerability, potentially exposing systems to security risks.
