North Korean hackers from the Lazarus group exploited a vulnerability in the Windows AppLocker driver to gain kernel-level access and disable security measures, avoiding detection. Avast analysts identified and reported the hackers’ activities to...
According to the latest insights from analysts at Mandiant, the Middle East has become the focal point of an ongoing cyber espionage operation utilizing distinctive malware targeting the aerospace, aviation, and defense industries. The...
The North Korea-supported hacker group Lazarus has uploaded four malicious packages to the Python Package Index (PyPI) repository, aiming to infect developers’ systems with malevolent software. The implicated packages—“pycryptoenv,” “pycryptoconf,” “quasarlib,” and “swapmempool”—have been...
Since the outset of November 2023, Cisco Talos has reported that Mexican users have been targeted by a sophisticated phishing campaign distributing a novel Windows malware dubbed TimbreStealer. This phishing initiative employs tax-themed decoy...
U.S. federal agencies, along with their international counterparts, have issued an advisory urging users to be vigilant of the risks associated with using Ubiquiti EdgeRouter devices. This warning follows the dismantling of the MooBot...
Specialists at Bitdefender have discovered a new variant of the malicious software AMOS Stealer (or Atomic Stealer), one of the most prevalent cyber threats for macOS users over the past year. According to Bitdefender...
Cybercriminal groups Black Basta and Bl00dy have joined the mass attacks on vulnerable ScreenConnect servers, targeting all users who have not yet updated their systems. A fix for the critical authentication bypass vulnerability (CVE-2024-1709)...
A new advanced Remote Access Tool (RAT) named Xeno RAT has been published on GitHub. This Trojan, crafted in the C# programming language and compatible with Windows 10 and Windows 11 operating systems, offers...
According to a report by Morphisec, Ukrainian organizations based in Finland have been targeted by a malicious campaign distributing the Remcos Remote Access Trojan (RAT). The attack has been attributed to the group UAC-0184....
In a recent report by Trend Micro, it was revealed that the Chinese cyber espionage group Mustang Panda has intensified its operations across Asia, employing a modified variant of the PlugX malware named DOPLUGS....
Analysts warn that hackers have increasingly exploited the Google Cloud Run service for the widespread distribution of banking trojans such as Astaroth, Mekotio, and Ousaban. Google Cloud Run enables users to deploy front-end and...
Cybersecurity specialists at Sysdig have unveiled a new malicious entity dubbed SSH-Snake, designed to stealthily search for private keys and navigate through a victim’s infrastructure, rendering it significantly more perilous than conventional viruses that...
Experts from Cado Security have uncovered a new malicious campaign targeting Redis servers. Once initial access to the systems is secured, the attackers mine cryptocurrency on the compromised Linux-operated hosts. According to Matt Muir,...
In a recent investigation conducted by security specialists from ReversingLabs, two malicious packages were identified within the Python Package Index (PyPI) repository, utilizing the DLL Sideloading technique to circumvent antivirus detection and execute malicious...
In November of last year, researchers discovered the expansion of malicious activity by an Android trojan named Anatsa into Slovakia, Slovenia, and the Czech Republic. This expansion is part of a new campaign which,...
On February 15, it was disclosed that Mark Sokolovsky, a 28-year-old Ukrainian and operator of the malicious software “Raccoon Stealer,” was extradited to the United States from the Netherlands to face upcoming legal proceedings....
