malware
-
China-Linked Hackers Target South Asian Organizations Through Critical SAP Vulnerability
A China-linked hacker group known as Earth Lamia has successfully exploited a critical SAP vulnerability, targeting numerous organizations in South Asia and expanding their tactics beyond financial sectors to include IT and governmental entities.
-
Cybercriminals Exploit Popular AI Tools to Distribute Ransomware and Malware
Cybercriminals are exploiting popular AI tools to distribute ransomware and malware, including CyberLock and Lucky_Gh0$t. A report by Cisco Talos highlights the tactics used to lure victims through fake installations of AI solutions, increasing the urgency for enhanced cybersecurity measures.
-
New Malware Variant Uses Corrupted Headers to Evade Detection
Fortinet researchers have discovered a new strain of malware that evades detection by manipulating its DOS and PE headers, effectively functioning as a remote access trojan capable of controlling infected systems.
-
Critical WordPress Plugin Vulnerability Exposes Over 100,000 Sites to Attack
A critical vulnerability in the TI WooCommerce Wishlist plugin for WordPress exposes over 100,000 websites to potential file upload attacks, prompting security experts to recommend immediate action.
-
Coordinated Scanning Operation Targets Exposed Systems in Japan
A recent coordinated reconnaissance campaign involving 251 malicious IP addresses aims at exploiting vulnerabilities in web infrastructure, according to cybersecurity firm GreyNoise. The firm warns that organizations should take immediate action to block these IPs to reduce exposure.
-
Chinese Hackers Exploit Zero-Day Vulnerability in Cityworks, Warns Cisco Talos
Cisco Talos has raised alarms over active cyberattacks by Chinese hackers exploiting a zero-day vulnerability in Trimble Cityworks, affecting local U.S. government agencies and enabling remote code execution.
-
Source Code of SilverRAT Remote Access Trojan Leaked Online
The source code of the SilverRAT remote access trojan has leaked online, exposing its capabilities and raising concerns over cybersecurity risks as criminals may now exploit this tool.
-
Cybersecurity Breaches Expose Sensitive Information and Target Malware Groups
Recent cybersecurity incidents have highlighted the vulnerability of sensitive information within government communications and exposed serious lapses in security among major corporations. Key developments include the breach of TeleMessage, ongoing law enforcement operations against malware groups, and alarming discoveries of unsecured databases containing millions of login credentials.
-
International Law Enforcement Operation Takes Down Major Ransomware Infrastructure
An international crackdown dubbed Operation Endgame has led to the seizure of 300 servers and 650 domains tied to ransomware activities, successfully disrupting several major cybercrime operations and recovering significant cryptocurrency.
-
Cybercriminals Deploy Fake Ledger Apps to Steal Cryptocurrency Seed Phrases from macOS Users
Cybercriminals are increasingly using fake Ledger applications to steal seed phrases from macOS users, threatening their cryptocurrency assets. Reports from Moonlock Lab and Jamf highlight the evolution of these attacks, emphasizing the importance of downloading official applications and safeguarding sensitive data.
