Cyber Security Archives • Page 23 of 85 • Daily CyberSecurity

Zendesk Infrastructure Exploited in Phishing and Pig Butchering Schemes BitoPro Hack, Lazarus Group

Zendesk Infrastructure Exploited in Phishing and Pig Butchering Schemes

Do Son January 21, 2025

A new report from CloudSEK reveals threat actors are leveraging Zendesk’s free trial to create convincing phishing...

From Dream Jobs to Dangerous Passwords: Lazarus Group’s LinkedIn Attacks Operation Dream Job

From Dream Jobs to Dangerous Passwords: Lazarus Group’s LinkedIn Attacks

Do Son January 21, 2025

Cybersecurity researcher Shusei Tomonaga from JPCERT/CC has issued a warning about LinkedIn being exploited as an initial...

DLL Sideloading & Proxying: New Campaign Delivers Sliver Implants to German Targets exfiltrating AWS credentials - fabrice package

DLL Sideloading & Proxying: New Campaign Delivers Sliver Implants to German Targets

Do Son January 21, 2025

Cyble Research and Intelligence Labs (CRIL) has uncovered an ongoing cyber campaign targeting German organizations using sophisticated...

Meta’s Advertising System Exploited by Russian Propaganda Network Meta Horizon Worlds Quest shutdown Meta AI, Child Safety Meta Robotics, Android of Robotics Meta AI, Llama 4.X Meta, AI regulation Meta AI, Data Center Impact Meta AI, Superintelligence Meta Copyrighted Data AI chatbot

Meta Horizon Worlds Quest shutdown Meta AI, Child Safety Meta Robotics, Android of Robotics Meta AI, Llama 4.X Meta, AI regulation Meta AI, Data Center Impact Meta AI, Superintelligence Meta Copyrighted Data AI chatbot

Meta’s Advertising System Exploited by Russian Propaganda Network

Do Son January 21, 2025

A recent report, authored by Check First in collaboration with Reset.tech and AI Forensics, unveils a narrative...

IntelBroker’s Digital Trail: OSINT Analysis Exposes Cybercriminal’s Operations TanStack Typosquatting npm Supply Chain Attack Axios Supply Chain Attack npm Poisoning eScan Supply Chain Attack Antivirus Compromise APT-36, NCERT WhatsApp Advisory FBI alert, Salesforce Salt Typhoon, APT group ConnectWise ScreenConnect hack Nation-state cyberattack FortiGate Leak - zkLend vulnerability - TRIPLESTRENGTH Threat Actor Group Dark Storm

TanStack Typosquatting npm Supply Chain Attack Axios Supply Chain Attack npm Poisoning eScan Supply Chain Attack Antivirus Compromise APT-36, NCERT WhatsApp Advisory FBI alert, Salesforce Salt Typhoon, APT group ConnectWise ScreenConnect hack Nation-state cyberattack FortiGate Leak - zkLend vulnerability - TRIPLESTRENGTH Threat Actor Group Dark Storm

IntelBroker’s Digital Trail: OSINT Analysis Exposes Cybercriminal’s Operations

Do Son January 20, 2025

IntelBroker, one of the most prominent figures in the cybercrime landscape, has left a trail of high-profile...

US Sanctions Chinese Hackers for Cyber Espionage Campaign IARPA Research Security Data Abyss Report Telecom threat, Secret Service cybersecurity news - Cyber Espionage Campaign

IARPA Research Security Data Abyss Report Telecom threat, Secret Service cybersecurity news - Cyber Espionage Campaign

US Sanctions Chinese Hackers for Cyber Espionage Campaign

Do Son January 20, 2025

The U.S. Department of State has announced sanctions against two Chinese entities, Yin Kecheng and Sichuan Juxinhe...

Silver Fox APT Targets Organizations with PNGPlug and ValleyRAT Malware WHILL Wheelchair Hijacking, CVE-2025-14346 MAS typosquatting malware, get.activate.win vs get.activated.win OpenShift GitOps RCE, Cluster Takeover Flaw Twonky Server, CVE-2025-13315 AI agents CVE-2024-52875 PoC

WHILL Wheelchair Hijacking, CVE-2025-14346 MAS typosquatting malware, get.activate.win vs get.activated.win OpenShift GitOps RCE, Cluster Takeover Flaw Twonky Server, CVE-2025-13315 AI agents CVE-2024-52875 PoC

Silver Fox APT Targets Organizations with PNGPlug and ValleyRAT Malware

Do Son January 20, 2025

A sophisticated cyber-espionage campaign targeting organizations across China, Hong Kong, and Taiwan has been uncovered by Intezer’s...

Star Blizzard Shifts Tactics: Spear-Phishing Campaign Targets WhatsApp Accounts AccountDumpling Phishing Google AppSheet Abuse AI-Generated Malware PureRAT Campaign RondoDoX Botnet, Next.js React2Shell EchoGather, Paper Werewolf Salt Typhoon, Telecom Espionage BreachForums, Conor Fitzpatrick Ransomware Negotiation, DOJ Investigation MirrorFace group - Earth Kasha Emperor Dragonfly

AccountDumpling Phishing Google AppSheet Abuse AI-Generated Malware PureRAT Campaign RondoDoX Botnet, Next.js React2Shell EchoGather, Paper Werewolf Salt Typhoon, Telecom Espionage BreachForums, Conor Fitzpatrick Ransomware Negotiation, DOJ Investigation MirrorFace group - Earth Kasha Emperor Dragonfly

Star Blizzard Shifts Tactics: Spear-Phishing Campaign Targets WhatsApp Accounts

Do Son January 19, 2025

Microsoft Threat Intelligence has uncovered a new spear-phishing campaign orchestrated by the Russian threat actor known as...

Sneaky 2FA: A New Adversary-in-the-Middle Phishing-as-a-Service Threat

Do Son January 19, 2025

SEKOIA’s Threat Detection & Research (TDR) team has exposed a new Adversary-in-the-Middle (AiTM) phishing kit, dubbed “Sneaky...

Black Basta Exploits Microsoft Teams for Phishing Attacks SloppyLemming

Black Basta Exploits Microsoft Teams for Phishing Attacks

Do Son January 19, 2025

NVISO Labs has uncovered a sophisticated phishing campaign attributed to the ransomware group Black Basta, leveraging Microsoft...

Scammers Exploit Truth Social to Launch Phishing and Fraud Campaigns Truth Social Fraud

Scammers Exploit Truth Social to Launch Phishing and Fraud Campaigns

Do Son January 19, 2025

Truth Social, the social media platform launched by Trump Media & Technology Group in 2022, has become...

CL-UNK-0979 Exploit Zero-Day Flaw in Ivanti Connect Secure to Gain Access to Networks PAN-OS Root RCE CL-STA-1132 Exploitation Tianxin RCE CVE-2021-4473 React Native Supply Chain Attack AstrOOnauta Malware Gladinet Zero-Day, LFI RCE Chain WordPress Theme, Account Takeover CVE-2024-50623 - European Space Agency cyberattack

PAN-OS Root RCE CL-STA-1132 Exploitation Tianxin RCE CVE-2021-4473 React Native Supply Chain Attack AstrOOnauta Malware Gladinet Zero-Day, LFI RCE Chain WordPress Theme, Account Takeover CVE-2024-50623 - European Space Agency cyberattack

CL-UNK-0979 Exploit Zero-Day Flaw in Ivanti Connect Secure to Gain Access to Networks

Do Son January 18, 2025

Palo Alto Networks has issued a detailed threat briefing on two critical vulnerabilities in Ivanti products—CVE-2025-0282 and...

Real Estate Scams on the Rise in the Middle East TASPEN, mobile malware North Korean IT Worker Fraud

Real Estate Scams on the Rise in the Middle East

Do Son January 17, 2025

As the real estate market increasingly transitions to digital platforms, the Middle East has become a hotbed...

North Korean Hackers Linked to Crowdfunding Scam Kali365 phishing platform EmEditor Supply Chain Attack, WALSHAM INVESTMENTS LIMITED EggStreme, fileless malware North Korea Cybercrime, Remote IT Job Fraud RedDelta APT

Kali365 phishing platform EmEditor Supply Chain Attack, WALSHAM INVESTMENTS LIMITED EggStreme, fileless malware North Korea Cybercrime, Remote IT Job Fraud RedDelta APT

North Korean Hackers Linked to Crowdfunding Scam

Do Son January 16, 2025

In a recent investigation, Secureworks Counter Threat Unit (CTU) researchers have uncovered a link between North Korean...

Cybercriminals Exploit Fake Google Ads to Ransack Advertiser Accounts Google Ads Scam

Cybercriminals Exploit Fake Google Ads to Ransack Advertiser Accounts

Do Son January 16, 2025

In a campaign uncovered by security researcher Jérôme Segura from Malwarebytes, cybercriminals have been using fraudulent Google...

Millions Stolen: North Korea Hackers Target Blockchain Industry Google Play, Crypto Wallets Cryptocurrency Thefts

Millions Stolen: North Korea Hackers Target Blockchain Industry

Do Son January 14, 2025

The United States, Japan, and the Republic of Korea have joined forces to issue a stark warning...

Weaver E-cology RCE CVE-2026-22679 CVE-2026-20127 Cisco SD-WAN Exploitation AI-Driven Cyberattack ARXON Malware React Server Components Vulnerability CVE-2025-55182 FortiWeb Auth Bypass, Unauthenticated Admin Takeover RayInitiator Bootkit, LINE VIPER CVE-2025-59689 Department of the Treasury cybersecurity - CVE-2025-0108 PoC CVE-2025-31103 Dior Data Breach SK Telecom data breach, long-term intrusion

Fortinet FortiGate Firewalls Targeted in Sophisticated Campaign Exploiting Management Interfaces

Do Son January 14, 2025

A new report from Arctic Wolf Labs reveals a concerning campaign targeting publicly exposed management interfaces on...

APT28’s New Espionage Campaign Uses Double-Tap Infection Chain BingX cyberattack FortiGate SSO Attacks Firewall Config Theft

APT28’s New Espionage Campaign Uses Double-Tap Infection Chain

Do Son January 13, 2025

In a recent revelation, security researchers Amaury G., Maxime A., Erwan Chevalier, Felix Aimé, and Sekoia TDR...

Phishing Campaigns Exploit YouTube URLs and Microsoft 365 Themes to Steal Credentials Layoff Phishing Scam Remcos RAT Malware Aruba Phishing, Phishing-as-a-Service PyPI, phishing CVE-2024-25608 PyPI Phishing, Credential Theft

Layoff Phishing Scam Remcos RAT Malware Aruba Phishing, Phishing-as-a-Service PyPI, phishing CVE-2024-25608 PyPI Phishing, Credential Theft

Phishing Campaigns Exploit YouTube URLs and Microsoft 365 Themes to Steal Credentials

Do Son January 12, 2025

Cybersecurity researchers at Cyderes, led by Ethan Fite, have uncovered a phishing trend exploiting YouTube URLs combined...

ZACROS Corporation Discloses Personal Information Leak Following Ransomware Attack INC Ransom Pacific Cyber Threats OysterLoader Malware Rhysida Ransomware Black Basta Ransomware BYOVD Technique Velociraptor Abuse, Storm-2603 Ransomware Crypto24, Ransomware Ransomware Payments, UK Legislation ZACROS data breach

INC Ransom Pacific Cyber Threats OysterLoader Malware Rhysida Ransomware Black Basta Ransomware BYOVD Technique Velociraptor Abuse, Storm-2603 Ransomware Crypto24, Ransomware Ransomware Payments, UK Legislation ZACROS data breach

ZACROS Corporation Discloses Personal Information Leak Following Ransomware Attack

Do Son January 12, 2025

ZACROS Corporation, a leading manufacturer of packaging materials, announced that it has suffered a ransomware attack that...

Critical Alert 1 Active Exploit Detected Today