Black Lotus Labs has identified a new variant of the TheMoon malware, targeting SOHO offices and IoT devices across 88 countries, which has already infected nearly 7,000 ASUS routers. TheMoon is associated with the...
Twenty-eight free VPN applications on Google Play were found to employ a malicious SDK, transforming Android devices into residential proxies, likely utilized for cybercrimes and bot operations. The team at HUMAN discovered that these...
On March 25th, the United Kingdom and the United States formally accused China of cyberattacks on democratic institutions, linking Chinese intelligence services to incidents at the Electoral Commission in 2021 and attempting to hack...
Cybercriminals are increasingly leveraging the new phishing platform Tycoon 2FA to compromise Microsoft 365 and Gmail accounts, circumventing two-factor authentication. This trend was identified by experts at Sekoia. Tycoon 2FA was discovered in October...
The popular service Top.gg, aiding users in finding servers and bots for Discord, suffered from a supply chain attack. Malefactors injected malicious code into Python packages used by bot developers, evidently aiming to steal...
The cybersecurity firm Proofpoint has uncovered a new phishing campaign orchestrated by the Iranian faction MuddyWater. This operation disseminates legitimate remote monitoring and management software, Atera, among Israeli organizations within the global manufacturing, technology,...
Mandiant specialists report that Chinese hackers, identified as UNC5174, are exploiting vulnerabilities in widely-used products to disseminate malicious software capable of installing additional backdoors on compromised Linux hosts. The attacks orchestrated by UNC5174 have...
Over the last six months, tens of thousands of web resources have fallen victim to a large-scale campaign deploying the previously unknown malicious program Sign1. Perpetrators have been embedding this malware into WordPress sites,...
Security researchers at Horizon3 have disclosed a Proof-of-Concept (PoC) exploit for a critical vulnerability in Fortinet’s FortiClient EMS, which is currently being actively exploited by hackers. The SQL injection vulnerability, CVE-2023-48788 (with a CVSS...
Annually in August, thousands of cybersecurity professionals gather in Las Vegas for an event often dubbed the “hackers’ summer camp.” This period marks the convening of two of the largest information security conferences: Black...
The cybercrime collective known as UNC4210 orchestrated an assault on the digital infrastructure of a European non-governmental organization, deploying the malicious software TinyTurla-NG to establish a backdoor. This cyberattack was meticulously documented in a...
In a recent report by Unit 42 researchers from Palo Alto Networks, a new series of phishing attacks aimed at disseminating malicious software named StrelaStealer has been identified. This threat has impacted over 100...
Researchers have uncovered a grave vulnerability within the microarchitecture of Apple’s M-series chips, enabling malefactors to extract secret keys from Mac devices, encompassing both computers and laptops. The crux of the issue lies in...
In the context of an international operation led by Germany, the activity of the popular overseas illicit trading platform Nemesis was halted. Local police reported the seizure of the resource’s infrastructure and the shutdown...
Ivanti has issued a warning regarding a critical vulnerability in its Standalone Sentry product, which allows attackers to remotely execute arbitrary commands. Designated as CVE-2023-41724, this vulnerability has been rated at 9.6 on the...
U.S. authorities have expressed concerns regarding the actions of the Chinese hacking group Volt Typhoon, warning owners and operators of critical infrastructure about the necessity of defending against potentially devastating cyber attacks. A new...