Cyber Security Archives • Page 20 of 85 • Daily CyberSecurity

CVE-2024-1709 and CVE-2023-48788: Exploits Fueling Russia’s BadPilot Campaign Seashell Blizzard - BadPilot campaign

CVE-2024-1709 and CVE-2023-48788: Exploits Fueling Russia’s BadPilot Campaign

Do Son February 16, 2025

Microsoft Threat Intelligence has exposed a multiyear cyber espionage campaign conducted by a subgroup of the Russian...

Fake ‘Adobe Drive X’ App Sneaks Through Microsoft Login to Steal Credentials

Do Son February 16, 2025

Cofense’s Phishing Defense Center (PDC) has uncovered a phishing campaign that uses a legitimate Microsoft login page...

Sophisticated Phishing Campaign Abuses Webflow CDN to Steal Credit Card Data

Do Son February 14, 2025

A new report from Netskope Threat Labs has revealed a sophisticated phishing campaign that abuses the Webflow...

Russian Influence Operations Target German Elections Mercenary Akula European Financial Targeting AI-Generated Malware React2Shell Exploit UAT-8837 Critical Infrastructure Attack APT36, BOSS Linux BRICKSTORM Malware, China Espionage Curly COMrades, MucorAgent Chinese APT - HTTP Client Tools Shuckworm Cyber Espionage

Mercenary Akula European Financial Targeting AI-Generated Malware React2Shell Exploit UAT-8837 Critical Infrastructure Attack APT36, BOSS Linux BRICKSTORM Malware, China Espionage Curly COMrades, MucorAgent Chinese APT - HTTP Client Tools Shuckworm Cyber Espionage

Russian Influence Operations Target German Elections

Do Son February 13, 2025

A new report from Insikt Group reveals that Russia-linked influence operations are actively targeting the February 23,...

South Korean CSOs Under Cyberattack: 3-Year Study South Korean Cyberattack

South Korean CSOs Under Cyberattack: 3-Year Study

Do Son February 13, 2025

A three-year study conducted by independent security researcher Ovie (Ovi) has exposed the scale and sophistication of...

zkLend Hacked: $9.5 Million in Bitcoin Stolen TanStack Typosquatting npm Supply Chain Attack Axios Supply Chain Attack npm Poisoning eScan Supply Chain Attack Antivirus Compromise APT-36, NCERT WhatsApp Advisory FBI alert, Salesforce Salt Typhoon, APT group ConnectWise ScreenConnect hack Nation-state cyberattack FortiGate Leak - zkLend vulnerability - TRIPLESTRENGTH Threat Actor Group Dark Storm

TanStack Typosquatting npm Supply Chain Attack Axios Supply Chain Attack npm Poisoning eScan Supply Chain Attack Antivirus Compromise APT-36, NCERT WhatsApp Advisory FBI alert, Salesforce Salt Typhoon, APT group ConnectWise ScreenConnect hack Nation-state cyberattack FortiGate Leak - zkLend vulnerability - TRIPLESTRENGTH Threat Actor Group Dark Storm

zkLend Hacked: $9.5 Million in Bitcoin Stolen

Do Son February 12, 2025

In a recent turn of events, a critical security flaw within the smart contracts of zkLend, a...

Chinese Hackers Suspected in Ivanti CSA Attacks: Webshells and Lateral Movement Detected Sources and related content Quest KACE Vulnerability CVE-2025-32975 FortiGate SSO Bypass, Active Exploitation GoAnywhere RCE, Storm-1175 Cisco VPN RCE, ASA Zero-Day TinyColor Supply Chain Attack SK Telecom, data breach Erlang/OTP RCE, OT Network Security Ivanti CSA Attacks WordPress RCE, Theme Vulnerability

Quest KACE Vulnerability CVE-2025-32975 FortiGate SSO Bypass, Active Exploitation GoAnywhere RCE, Storm-1175 Cisco VPN RCE, ASA Zero-Day TinyColor Supply Chain Attack SK Telecom, data breach Erlang/OTP RCE, OT Network Security Ivanti CSA Attacks WordPress RCE, Theme Vulnerability

Chinese Hackers Suspected in Ivanti CSA Attacks: Webshells and Lateral Movement Detected Sources and related content

Do Son February 12, 2025

A series of critical vulnerabilities affecting Ivanti Cloud Service Appliance (CSA) 4.6 have been actively exploited in...

Sandworm APT Exploits Trojanized KMS Tools to Target Ukrainian Users in Cyber Espionage Campaign Sandworm APT - APT44

Sandworm APT Exploits Trojanized KMS Tools to Target Ukrainian Users in Cyber Espionage Campaign

Do Son February 11, 2025

The notorious Sandworm APT (APT44), a Russian-state-sponsored threat actor affiliated with the GRU (Russia’s Main Intelligence Directorate),...

US Treasury Sanctions Russian Bulletproof Hosting Provider Zservers for Supporting LockBit Ransomware Attacks CVE-2024-3393 - Zservers sanctions

US Treasury Sanctions Russian Bulletproof Hosting Provider Zservers for Supporting LockBit Ransomware Attacks

Do Son February 11, 2025

The U.S. Department of the Treasury, in a coordinated effort with Australia and the United Kingdom, has...

$16 Million Ransomware Operation Shut Down: 8Base Masterminds Apprehended 8Base ransomware down

$16 Million Ransomware Operation Shut Down: 8Base Masterminds Apprehended

Do Son February 10, 2025

The UK’s National Crime Agency (NCA), in conjunction with Europol, the US Federal Bureau of Investigation, the...

Alabama Man Pleads Guilty in Bitcoin Price Manipulation Scheme Involving Hacked SEC X Account

Do Son February 10, 2025

Eric Council Jr., a 25-year-old from Athens, Alabama, has pleaded guilty to charges related to the January...

The Rise of Phishing-as-a-Service: How Cybercriminals are Outsourcing Attacks DocuSign-Themed Phishing Email

The Rise of Phishing-as-a-Service: How Cybercriminals are Outsourcing Attacks

Do Son February 10, 2025

Phishing attacks are no longer the domain of elite hackers. With the rise of Phishing-as-a-Service (PhaaS), cybercriminals...

Threat Actors Exploit SimpleHelp Vulnerabilities to Deploy Sliver Backdoor Quest KACE Vulnerability CVE-2025-32975 FortiGate SSO Bypass, Active Exploitation GoAnywhere RCE, Storm-1175 Cisco VPN RCE, ASA Zero-Day TinyColor Supply Chain Attack SK Telecom, data breach Erlang/OTP RCE, OT Network Security Ivanti CSA Attacks WordPress RCE, Theme Vulnerability

Threat Actors Exploit SimpleHelp Vulnerabilities to Deploy Sliver Backdoor

Do Son February 9, 2025

Cybersecurity firm Field Effect has identified and thwarted a sophisticated cyberattack that leveraged newly discovered vulnerabilities in...

Publicly Disclosed ASP.NET Machine Keys Used in Code Injection Attacks ViewState code injection attacks

Publicly Disclosed ASP.NET Machine Keys Used in Code Injection Attacks

Do Son February 9, 2025

Microsoft Threat Intelligence has reported a concerning trend: attackers are exploiting publicly disclosed ASP.NET machine keys to...

Sophos Uncovers Rising Threat of SVG-Based Phishing Attacks SVG Phishing Attacks

Sophos Uncovers Rising Threat of SVG-Based Phishing Attacks

Do Son February 8, 2025

Sophos has identified a novel phishing technique that leverages Scalable Vector Graphics (SVG) files to bypass anti-spam...

Lazarus Group Lures Victims with Fake LinkedIn Job Offers, Warns Bitdefender North Korean Laptop Farm DPRK Insider Threat North Korea WMD Cyber Funding, Australia Sanctions Insider threat, North Korean hackers Kimsuky, cyber-espionage NPM Malware, North Korea Cyber-espionage North Korea, Remote IT Job Scam Laptop Farm - DriverEasy - Kimsuky Watering Hole Attack

North Korean Laptop Farm DPRK Insider Threat North Korea WMD Cyber Funding, Australia Sanctions Insider threat, North Korean hackers Kimsuky, cyber-espionage NPM Malware, North Korea Cyber-espionage North Korea, Remote IT Job Scam Laptop Farm - DriverEasy - Kimsuky Watering Hole Attack

Lazarus Group Lures Victims with Fake LinkedIn Job Offers, Warns Bitdefender

Do Son February 7, 2025

Bitdefender Labs has uncovered an active cyber espionage campaign by the Lazarus Group, a North Korean state-sponsored...

MMS “VidSpam”: A New Bitcoin Scam Using Old Tech Crypto Drain Conspiracy, Malicious MobileConfig phone phishing Cryptocurrency Phishing

MMS “VidSpam”: A New Bitcoin Scam Using Old Tech

Do Son February 7, 2025

Cybersecurity researchers at Proofpoint have discovered a resurgence of an old technology being used in a new...

Kimsuky Group Leverages RDP Wrapper for Persistent Cyber Espionage North Korean Laptop Farm DPRK Insider Threat North Korea WMD Cyber Funding, Australia Sanctions Insider threat, North Korean hackers Kimsuky, cyber-espionage NPM Malware, North Korea Cyber-espionage North Korea, Remote IT Job Scam Laptop Farm - DriverEasy - Kimsuky Watering Hole Attack

Kimsuky Group Leverages RDP Wrapper for Persistent Cyber Espionage

Do Son February 6, 2025

The notorious North Korean APT group Kimsuky has continued its cyber espionage operations, leveraging spear-phishing attacks and...

Threat Actors Continue to Exploit Legitimate RMM Tool ScreenConnect KongTuke Microsoft Teams Phishing ModeloRAT Initial Access Broker CVE-2024-38193 - Lazarus Group Threat Actors ScreenConnect

KongTuke Microsoft Teams Phishing ModeloRAT Initial Access Broker CVE-2024-38193 - Lazarus Group Threat Actors ScreenConnect

Threat Actors Continue to Exploit Legitimate RMM Tool ScreenConnect

Do Son February 6, 2025

A recent report from Silent Push reveals that threat actors are still leveraging ScreenConnect, a legitimate remote...

GreenSpot APT Phishes 163.com Users with Spoofed Domains Oracle EBS Zero-Day, GRACEFUL SPIDER Cracked Software, Supply Chain Attack Black Basta - NOVA stealer

Oracle EBS Zero-Day, GRACEFUL SPIDER Cracked Software, Supply Chain Attack Black Basta - NOVA stealer

GreenSpot APT Phishes 163.com Users with Spoofed Domains

Do Son February 6, 2025

A recent report from Threat Hunting Platform – Hunt.io has exposed an ongoing phishing campaign orchestrated by...

Critical Alert 1 Active Exploit Detected Today

Critical Alert

Cyber Security

CVE-2024-1709 and CVE-2023-48788: Exploits Fueling Russia’s BadPilot Campaign

Fake ‘Adobe Drive X’ App Sneaks Through Microsoft Login to Steal Credentials

Sophisticated Phishing Campaign Abuses Webflow CDN to Steal Credit Card Data

Russian Influence Operations Target German Elections

South Korean CSOs Under Cyberattack: 3-Year Study

zkLend Hacked: $9.5 Million in Bitcoin Stolen

Chinese Hackers Suspected in Ivanti CSA Attacks: Webshells and Lateral Movement Detected Sources and related content

Sandworm APT Exploits Trojanized KMS Tools to Target Ukrainian Users in Cyber Espionage Campaign

US Treasury Sanctions Russian Bulletproof Hosting Provider Zservers for Supporting LockBit Ransomware Attacks

$16 Million Ransomware Operation Shut Down: 8Base Masterminds Apprehended

Alabama Man Pleads Guilty in Bitcoin Price Manipulation Scheme Involving Hacked SEC X Account

The Rise of Phishing-as-a-Service: How Cybercriminals are Outsourcing Attacks

Threat Actors Exploit SimpleHelp Vulnerabilities to Deploy Sliver Backdoor

Publicly Disclosed ASP.NET Machine Keys Used in Code Injection Attacks

Sophos Uncovers Rising Threat of SVG-Based Phishing Attacks

Lazarus Group Lures Victims with Fake LinkedIn Job Offers, Warns Bitdefender

MMS “VidSpam”: A New Bitcoin Scam Using Old Tech

Kimsuky Group Leverages RDP Wrapper for Persistent Cyber Espionage

Threat Actors Continue to Exploit Legitimate RMM Tool ScreenConnect

GreenSpot APT Phishes 163.com Users with Spoofed Domains