Lazarus Strikes 6 Companies in South Korea with Cross EX, Innorix Vulnerabilities and ThreatNeedle Malware
There have been at least six firms in South Korea that have become the target of the well-known Lazarus Group...
targeted
GitHub Supply Chain Attack Root Cause Identified as SpotBugs Access Token Theft
A sequence of supply chain attack starting with Coinbase and extending to users of the "tj-actions/changed-files" GitHub Action has been...
AceSpot Access Key Pilfering Detected as Main Reason of GitHub Supply Chain Breach
The successive supply chain assault that first aimed at Coinbase before spreading wider to target users of the "tj-actions/changed-files" GitHub...
Lucid PhaaS Reaches 169 Locations Across 88 Nations with iMessage and RCS Smishing
Lucid, a recently launched advanced phishing-as-a-service (PhaaS) solution, has successfully aimed at 169 entities across 88 countries through smishing campaigns...
Provocation by Gamaredon Affiliated with Russia to Disseminate Remcos RAT in Ukraine
Various organizations in Ukraine have fallen victim to a phishing scheme aimed at propagating the remote access trojan known as...
How to protect operational technology from targeted cyber attacks
Protecting operational technology (OT) from targeted cyber attacks is a paramount concern in a world full of pervasive connectivity and...
Microsoft Alerts about ClickFix Phishing Campaign Aimed at Hospitality Industry via Phony Booking[.]com Emails
Microsoft has brought attention to a continuous phishing operation that focused on the hospitality sector by pretending to be the...
Amnesty Discovers Cellebrite’s 0-Day Exploit Utilized to Access Android Phone of Serbian Activist
Utilizing an innovative zero-day exploit created by Cellebrite, the smartphone of a 23-year-old youth activist from Serbia was specifically targeted...
Adhesive werewolf exploits undisclosed insertion to disseminate Lumma Stealer in Russia and Belarus
Sticky Werewolf, the malicious actor, has been associated with precise strikes mainly in Russia and Belarus, intending to distribute the...
New Linux Malware ‘Auto-Color’ Grants Hackers Full Remote Access to Compromised Systems
Universities and government organizations in North America and Asia have been targeted by a previously undocumented Linux malware called Auto-Color...
Chinese Cloud Services Utilized in APAC Industries Targeted by FatalRAT Phishing Campaigns
Several sectors within the Asia-Pacific (APAC) area have come under fire from phishing campaigns aimed at distributing the notorious malware...
Chinese-Associated Hackers Utilize Check Point Vulnerability to Distribute ShadowPad and Ransomware
A fresh threat cluster directed at European entities, especially those in the medical industry, was observed deploying PlugX and the...
17 SaaS Customers Exposed in Zero-Day Breach at BeyondTrust Due to Compromised API Key
After conducting a thorough probe, BeyondTrust has uncovered a security breach that impacted a group of users utilizing its Remote...
ValleyRAT Malware Distribution Utilized by PNGPlug Loader via Deceptive Software Installation Packages
In various regions predominantly Chinese-speaking such as Hong Kong, Taiwan, and the Mainland China, a string of cyber assaults has...
Suspected Zero-Day Flaw Linked to Offensives on Fortinet Firewalls with Unprotected Ports
Security analysts are highlighting a recent operation aimed at Fortinet FortiGate firewall systems with management ports exposed online. A new...
