Cyber Security Archives • Page 21 of 85 • Daily CyberSecurity

XE Group Exploits Zero-Day Vulnerabilities in VeraCore – CVE-2024-57968 & CVE-2025-25181 Winos 4.0 Malware Silver Fox APT RapperBot BVIEC cyberattack - CNC group DAMASCENED PEACOCK, malware analysis

Winos 4.0 Malware Silver Fox APT RapperBot BVIEC cyberattack - CNC group DAMASCENED PEACOCK, malware analysis

XE Group Exploits Zero-Day Vulnerabilities in VeraCore – CVE-2024-57968 & CVE-2025-25181

Do Son February 5, 2025

Cybersecurity researchers from Intezer and Solis Security have uncovered a dramatic shift in tactics by XE Group,...

SmartApeSG Campaign Uncovered: A Deep Dive into NetSupport RAT Distribution and Suspected Threat Actor Connections CRussian Market, "Fly" (Flyded) hange Healthcare Cyberattack - CVE-2024-50603 Exploit

CRussian Market, "Fly" (Flyded) hange Healthcare Cyberattack - CVE-2024-50603 Exploit

SmartApeSG Campaign Uncovered: A Deep Dive into NetSupport RAT Distribution and Suspected Threat Actor Connections

Do Son February 5, 2025

A recent investigation by Team Cymru has revealed an intricate web of malicious infrastructure linking the SmartApeSG...

Cybercriminals Exploit Big Tech Cloud IPs in Infrastructure Laundering Scheme

Do Son February 4, 2025

A new report from Silent Push reveals how a China-linked CDN called FUNNULL is exploiting major cloud...

TAG-124: A Deep Dive into the Traffic Distribution System Powering Malware Campaigns

Do Son February 4, 2025

Cybersecurity researchers at Insikt Group have uncovered a multi-layered traffic distribution system (TDS), dubbed TAG-124, which is...

Operation Phantom Circuit: North Korea’s Global Data Exfiltration Campaign Unveiled Iranian Hacktivists Operation Epic Fury Cyber New Generation Warfare Russian Hybrid Escalation Plex data breach Water Systems Cybersecurity - Threat Actor Naming Standard

Iranian Hacktivists Operation Epic Fury Cyber New Generation Warfare Russian Hybrid Escalation Plex data breach Water Systems Cybersecurity - Threat Actor Naming Standard

Operation Phantom Circuit: North Korea’s Global Data Exfiltration Campaign Unveiled

Do Son February 4, 2025

A newly uncovered cyber espionage campaign orchestrated by North Korea’s Lazarus Group has been exposed in SecurityScorecard’s...

Threat Actors Exploit CVE-2019-18935 to Gain Remote Access and Elevate Privileges

Do Son February 4, 2025

The eSentire Threat Response Unit (TRU) has reported that threat actors are actively exploiting a six-year-old vulnerability,...

Phishing Campaign Hijacks High-Profile X Accounts to Promote Crypto Scams EU Education Scams, .edu.eu Domain App Store security Refund Schemes - Texas Pharmacist's Fraudulent

EU Education Scams, .edu.eu Domain App Store security Refund Schemes - Texas Pharmacist's Fraudulent

Phishing Campaign Hijacks High-Profile X Accounts to Promote Crypto Scams

Do Son February 4, 2025

A new wave of phishing attacks is actively targeting high-profile X (formerly Twitter) accounts, with attackers hijacking...

CVE-2025-0411: 7-Zip Vulnerability Exploited in Attacks on Ukraine CVE-2025-0411 PoC exploit - Homoglyph Attacks

CVE-2025-0411: 7-Zip Vulnerability Exploited in Attacks on Ukraine

Do Son February 4, 2025

A new report from the Zero Day Initiative (ZDI) Threat Hunting team reveals that Ukrainian organizations have...

CL-STA-0048: Chinese-Linked APT Targets Telecoms in South Asia DPRK IT Workers, APT38 Crypto Forfeiture

CL-STA-0048: Chinese-Linked APT Targets Telecoms in South Asia

Do Son February 3, 2025

A newly identified cyberespionage campaign, tracked as CL-STA-0048, has been uncovered by Unit 42 researchers targeting high-value...

HTTP Client Tools Weaponized in Account Takeover Attacks Mercenary Akula European Financial Targeting AI-Generated Malware React2Shell Exploit UAT-8837 Critical Infrastructure Attack APT36, BOSS Linux BRICKSTORM Malware, China Espionage Curly COMrades, MucorAgent Chinese APT - HTTP Client Tools Shuckworm Cyber Espionage

Mercenary Akula European Financial Targeting AI-Generated Malware React2Shell Exploit UAT-8837 Critical Infrastructure Attack APT36, BOSS Linux BRICKSTORM Malware, China Espionage Curly COMrades, MucorAgent Chinese APT - HTTP Client Tools Shuckworm Cyber Espionage

HTTP Client Tools Weaponized in Account Takeover Attacks

Do Son February 3, 2025

Proofpoint research reveals a growing trend of cybercriminals exploiting legitimate HTTP client tools to orchestrate account takeover...

Canadian Hacker Indicted for $65 Million DeFi Exploit Kali365 phishing platform EmEditor Supply Chain Attack, WALSHAM INVESTMENTS LIMITED EggStreme, fileless malware North Korea Cybercrime, Remote IT Job Fraud RedDelta APT

Kali365 phishing platform EmEditor Supply Chain Attack, WALSHAM INVESTMENTS LIMITED EggStreme, fileless malware North Korea Cybercrime, Remote IT Job Fraud RedDelta APT

Canadian Hacker Indicted for $65 Million DeFi Exploit

Do Son February 3, 2025

The U.S. Department of Justice (DOJ) has unsealed a five-count criminal indictment against a Canadian man accused...

Devil-Traff: The New SMS Phishing Platform Exploited by Cybercriminals

Do Son February 2, 2025

Security researcher Daniel Kelley at SlashNext has unveiled a new threat to cybersecurity: Devil-Traff, a bulk SMS...

The Hidden Cyber Trap: How Compromised Websites and Malicious AdTech Manipulate Users

Do Son February 2, 2025

In the cybersecurity world, analysts often focus on the adversary’s tactics, techniques, and procedures (TTPs), but what...

SparkRAT: A Persistent Cross-Platform Cyber Threat Targeting macOS and Beyond Mercenary Akula European Financial Targeting AI-Generated Malware React2Shell Exploit UAT-8837 Critical Infrastructure Attack APT36, BOSS Linux BRICKSTORM Malware, China Espionage Curly COMrades, MucorAgent Chinese APT - HTTP Client Tools Shuckworm Cyber Espionage

SparkRAT: A Persistent Cross-Platform Cyber Threat Targeting macOS and Beyond

Do Son February 2, 2025

Since its initial release on GitHub in 2022 by user XZB-1248, SparkRAT has evolved into a widely...

.Gov No More: Government Domains Weaponized in Phishing Surge Layoff Phishing Scam Remcos RAT Malware Aruba Phishing, Phishing-as-a-Service PyPI, phishing CVE-2024-25608 PyPI Phishing, Credential Theft

Layoff Phishing Scam Remcos RAT Malware Aruba Phishing, Phishing-as-a-Service PyPI, phishing CVE-2024-25608 PyPI Phishing, Credential Theft

.Gov No More: Government Domains Weaponized in Phishing Surge

Do Son February 2, 2025

A recent Cofense Intelligence report has uncovered a troubling trend: threat actors are increasingly abusing .gov top-level...

Adversarial Misuse of Generative AI: How APTs Are Experimenting with AI for Cyber Operations illegal streaming networks complex criminal enterprises UAT-7290 China-nexus Espionage Adversarial Misuse of Generative AI

illegal streaming networks complex criminal enterprises UAT-7290 China-nexus Espionage Adversarial Misuse of Generative AI

Adversarial Misuse of Generative AI: How APTs Are Experimenting with AI for Cyber Operations

Do Son February 1, 2025

A new Google Threat Intelligence Group (GTIG) report titled “Adversarial Misuse of Generative AI” provides a detailed...

Cyber Espionage and Influence: Unmasking APT28’s Tactics Sources and related content

Do Son January 31, 2025

The Maverits Special Report provides a comprehensive analysis of APT28, a notorious Russian cyber espionage group affiliated...

Europol Smashing Cybercrime Hubs: Cracked & Nulled Taken Down

Do Son January 30, 2025

An Europol-supported operation has dismantled two of the internet’s largest and most notorious cybercrime forums: Cracked and...

New Cyber-Espionage Campaign Hits Europe: UAC-0063 Threat Actor Expands Operations

Do Son January 29, 2025

Bitdefender Labs has issued a warning about an active cyber-espionage campaign conducted by the threat actor known...

Google’s Agentic AI Security Team Develops Framework to Combat Prompt Injection Attacks Gemini AI Prompt injection

Google’s Agentic AI Security Team Develops Framework to Combat Prompt Injection Attacks

Do Son January 29, 2025

Google’s Agentic AI Security Team announced in a recent blog post that they have developed a new...

Critical Alert 1 Active Exploit Detected Today

Critical Alert

Cyber Security

XE Group Exploits Zero-Day Vulnerabilities in VeraCore – CVE-2024-57968 & CVE-2025-25181

SmartApeSG Campaign Uncovered: A Deep Dive into NetSupport RAT Distribution and Suspected Threat Actor Connections

Cybercriminals Exploit Big Tech Cloud IPs in Infrastructure Laundering Scheme

TAG-124: A Deep Dive into the Traffic Distribution System Powering Malware Campaigns

Operation Phantom Circuit: North Korea’s Global Data Exfiltration Campaign Unveiled

Threat Actors Exploit CVE-2019-18935 to Gain Remote Access and Elevate Privileges

Phishing Campaign Hijacks High-Profile X Accounts to Promote Crypto Scams

CVE-2025-0411: 7-Zip Vulnerability Exploited in Attacks on Ukraine

CL-STA-0048: Chinese-Linked APT Targets Telecoms in South Asia

HTTP Client Tools Weaponized in Account Takeover Attacks

Canadian Hacker Indicted for $65 Million DeFi Exploit

Devil-Traff: The New SMS Phishing Platform Exploited by Cybercriminals

The Hidden Cyber Trap: How Compromised Websites and Malicious AdTech Manipulate Users

SparkRAT: A Persistent Cross-Platform Cyber Threat Targeting macOS and Beyond

.Gov No More: Government Domains Weaponized in Phishing Surge

Adversarial Misuse of Generative AI: How APTs Are Experimenting with AI for Cyber Operations

Cyber Espionage and Influence: Unmasking APT28’s Tactics Sources and related content

Europol Smashing Cybercrime Hubs: Cracked & Nulled Taken Down

New Cyber-Espionage Campaign Hits Europe: UAC-0063 Threat Actor Expands Operations

Google’s Agentic AI Security Team Develops Framework to Combat Prompt Injection Attacks