-
CISA and NCSC warn that FIRESTARTER, a Linux-based backdoor, targets Cisco Firepower devices, evades patches, and enables persistent access even after firmware updates.
·
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Acronis reveals Mustang Panda is using a new LOTUSLITE backdoor to target Indian banks and Korean diplomats. Learn how this DLL sideloading attack works.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
ViperTunnel is a Python-based backdoor linked to DragonForce ransomware that targets businesses using Windows servers across the US and the UK.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
CanisterWorm spreads via npm supply chain attack, hijacks developer accounts, targets Kubernetes clusters, and deploys destructive Kamikaze wiper payload.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
China-linked hackers targeted Qatar using fake war news lures to spread PlugX backdoor malware and spy on military and energy sectors.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Researchers warn of a fake CleanMyMac site using a ClickFix attack to install SHub Stealer on macOS and steal passwords and crypto wallets.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A new phishing campaign is using stolen certificates from TrustConnect Software PTY LTD to sign malware. By impersonating updates for Zoom and Microsoft Teams, hackers install RMM tools to gain persistent, privileged access to networks
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
TAMECAT is a sophisticated PowerShell-based backdoor linked to APT42, an Iranian state-sponsored hacking group. It steals login credentials from Microsoft Edge and Chrome browsers while evading detection. Security researchers from Israel’s Nation…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The Google Threat Intelligence Group (GTIG) warns that nation-state actors and financially motivated threat actors are exploiting a…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Huntress discovers ‘CrashFix,’ a new attack by KongTuke hacker group using fake ad blockers to crash browsers and trick office workers into installing ModeloRAT malware.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
