In a recent campaign involving the dissemination of the AgentTesla malware, as meticulously analyzed by experts at SonicWall, perpetrators employed VBA macros in Word documents to conduct a fileless injection attack, where the malicious...
Researchers from Sekoia have revealed alarming details about the malicious worm PlugX, which, having been abandoned by its creators many years ago, continues to autonomously spread and infect millions of computers worldwide. PlugX, believed...
The Lazarus Group, a notorious hacking collective traditionally associated with North Korea, utilized enticing job offers to deliver a new Remote Access Trojan (RAT) known as Kaolin RAT during attacks targeting individuals in Asia...
Researchers have uncovered a hacking campaign known as DEV#POPPER, targeting software developers. The perpetrators disguise themselves as employers and distribute fictitious job offers to IT specialists. Their true intent is to implant a dangerous...
The Reserve Bank of India has imposed a ban on Kotak Mahindra Bank, prohibiting the registration of new customers via online services and applications. This measure was taken after “significant deficiencies” were identified in...
Over 1,400 internet-accessible CrushFTP servers are vulnerable to attacks exploiting the critical server vulnerability CVE-2024-4040. This flaw, whose active exploitation was previously reported at the beginning of the week, allows unauthorized attackers to access...
Cybercriminals have begun to exploit a critical vulnerability in the WP Automatic plugin for WordPress, enabling them to create accounts with administrative privileges and install backdoors for long-term access. Installed on over 30,000 sites,...
In recent weeks, there has been an intensification of cyberattacks on Indian government bodies, initiated by groups linked to Pakistan. The analytical team at Seqrite Labs has identified several campaigns in which remote access...
ThreatFabric has identified a new malicious application named Brokewell, capable of recording every action on a device, from keystrokes to text input and application launches. The Trojan is distributed through a counterfeit Google Chrome...
Network security measures such as firewalls are designed to safeguard corporate networks from breaches. However, it turns out that cybercriminals are increasingly turning these systems against their owners, using them as springboards to infiltrate...
Security experts have identified a critical vulnerability in the Flowmon network performance monitoring tool from Progress Software, utilized by over 1,500 companies globally, including major organizations such as SEGA, KIA, and Volkswagen. The vulnerability...
Experts at Citizen Lab have identified vulnerabilities in popular keyboard applications that could be exploited to log keystrokes of Chinese users worldwide. These security issues are nearly ubiquitous across apps, including those pre-installed on...
Cybersecurity researchers from Perception Point recently discovered a vulnerability on the website of Nespresso, the coffee machine and capsule manufacturer, which scammers actively exploit to redirect users to malicious sites. The vulnerability, related to open redirection,...
Recently, security researchers identified a new vulnerability known as Dependency Confusion, affecting an archived Apache project titled Cordova App Harness. This vulnerability enables malefactors to manipulate package managers into downloading a fraudulent package from...
North Korean hackers exploited the eScan antivirus update mechanism to embed backdoors into corporate networks and disseminate cryptocurrency miners using the malicious software, GuptiMiner. Cybersecurity firm Avast reports that the perpetrators conducted an adversary-in-the-middle...
The South Korean police have issued a warning about cyberattacks by North Korean hacker groups targeting defense industry enterprises to steal valuable technological information. The police have documented several instances of successful breaches of...