π What's going on in the cyber world today? π¨ #CyberAlerts Earth Minotaur Uses MOONSHINE and DarkNimbus for Multi-Platform Attacks Source: Joseph C Chen and Daniel Lunghi via Trend Micro Turla APT Exploits Pakistani Hackers to Target Afghan and Indian Entities Source: Lumen DroidBot Android Malware Targets 77 Banking and Crypto Apps Across Europe Source: Cleafy Payroll Pirates Phishing Attack Targets HR Systems Redirecting Employee Funds Source: Silent Push NSO Group's Pegasus Spyware Samples ...
Dec 05, 2024β’9 min
π What's trending in cybersecurity today? π¨ #CyberAlerts Chinese Hackers Salt Typhoon Linger in US Telecom Networks Despite Efforts Source: CISA Venom Spider Unleashes RevC2 and Venom Loader in New Malware Campaigns Source: Muhammed Irfan V A via Zscaler New Backdoor Stealing Private Keys Found in Solana's npm Library Source: Sarah Gooding via Socket Google Chrome Type Confusion Vulnerability Enables Remote Code Execution Source: Google Veeam Patches Critical Remote Code Execution Flaw in Serv...
Dec 04, 2024β’9 min
π What's the latest in the cyber world today? π¨ #CyberAlerts US Internal Revenue Service Warns of Holiday Scams and Offers Tax Security Tips Source: US Internal Revenue Service SmokeLoader Malware Resurfaces Targeting Manufacturing and IT Sectors in Taiwan Source: Pei Han Liao via Fortinet Hackers Use Weaponized Resumes to Attack Employees and Gain Server Access Source: The DFIR Report Critical Salesforce Flaw Could Lead to Full Account Takeover and Data Theft Source: Mattia Brollo via 0xbro W...
Dec 03, 2024β’9 min
π What's happening in cybersecurity today? π¨ #CyberAlerts MediaTek Bluetooth Chipset Vulnerabilities Expose 1.5 Billion Android Devices Source: MediaTek Kimsuky Employs New Malwareless Phishing Techniques to Evade Detection Source: Genians Poison Ivy APT Launches Campaign Targeting Key Sectors with Phishing Attacks Source: 360 Threat Intelligence Center New InputSnatch Side-Channel Attack Exploits LLMs to Steal User Data and Queries Source: Xinyao Zheng, Et al. via arXiv Apple Safari Remote Co...
Dec 02, 2024β’9 min
π What are the latest cybersecurity alerts, incidents, and news? π¨ #CyberAlerts Over Two Dozen Security Flaws Found in Advantech Industrial Wi-Fi Access Points Source: Nozomi Networks New Phishing Scam Unveiled Targeting Corporate Internet Banking Users in Japan Source: Nishi-Nippon City Bank Critical Windows 11 Vulnerability Allows Attackers to Elevate Privileges Remotely Source: SSD Secure Disclosure New Jenkins Vulnerabilities Allow DoS Attacks and Script Injection Risks Source: Jenkins Cri...
Nov 29, 2024β’9 min
π What's going on in the cyber world today? π¨ #CyberAlerts Cybercriminals Exploit Godot Engine to Stealthily Spread Cross-Platform Malware Source: Check Point Research APT-C-60 Exploits SpyGlace Backdoor in Sophisticated Japan-Targeted Campaign Source: Japan Computer Emergency Response Team Coordination Center Massive Netflix Credential Stealing Scam Targets Users in 23 Countries Source: Silviu STAHIE via Bitdefender PixPirate Malware Targets Users Through WhatsApp and Smishing Campaigns Sourc...
Nov 28, 2024β’9 min
π What's trending in cybersecurity today? π¨ #CyberAlerts Matrix Botnet Harnesses IoT Vulnerabilities for Global DDoS Attacks Source: Assaf Morag via Aqua New Bootkitty UEFI Bootkit Designed Specifically to Target Linux Servers Source: Martin SmolΓ‘r and Peter StrΓ½Δek via ESET Chinese Hackers Use GHOSTSPIDER Malware in Cyber Espionage Attacks on Telecoms Source: Leon M Chang, Theo Chen, Lenart Bermejo and Ted Lee via Trend Micro NVIDIA Unified Fabric Manager Flaw Enables Privilege Escalation and...
Nov 27, 2024β’10 min
π What's the latest in the cyber world today? π¨ #CyberAlerts RomCom Exploits Firefox and Windows Zero-Day Flaws for Cyberattacks Source: Damien Schaeffer and Romain Dumont via ESET SpyLoan Apps Use Social Engineering to Steal Data and Exploit Vulnerable Users Source: McAfee Critical Flaw in WordPress Anti-Spam Plugin Exposes 200K Sites to Remote Hacking Source: Istvan Marton via Wordfence CISA Warns Agencies to Patch Critical Array Networks Flaw Amid Active Exploitation Source: CISA Critical Q...
Nov 26, 2024β’9 min
π What's happening in cybersecurity today? π¨ #CyberAlerts APT-K-47 Exploits Hajj-Themed Lures to Deploy Advanced Asyncshell Malware Source: Knownsec 404 Team Google Uncovers Pro-China Fake News Influence Network Called GLASSBRIDGE Source: Vanessa Molter via Google Wi-Fi Exploited in Sophisticated Nearest Neighbor Attack by Russian Hackers Source: Sean Koessel, Steven Adair and Tom Lancaster via Volexity Russian TAG-110 Attacks Organisations with HATVIBE and CHERRYSPY Malware Source: Recorded F...
Nov 25, 2024β’9 min
π What are the latest cybersecurity alerts, incidents, and news? π¨ #CyberAlerts Chinese APT Gelsemium Expands Malware Arsenal with WolfsBane Linux Backdoor Source: Viktor Ε perka via ESET North Korean Companies Impersonate US IT Firms to Fund Missile Programs Source: Tom Hegel and Dakota Cary via Sentinel Labs Hackers Use Google Docs and Weebly to Launch Phishing Attacks on Telecom Industry Source: Raphael Galli via EclecticIQ FortiClient VPN Flaw Enables Undetected Brute-Force Attacks on Enter...
Nov 22, 2024β’9 min
π What's going on in the cyber world today? π¨ #CyberAlerts Ghost Tap Hackers Exploits NFC to Steal Funds Through Mobile Payment Apps Source: Threat Fabric NodeStealer Malware Exploits Facebook Ads to Steal Credit Card Data Source: Jan Michael Alcantara via Netskope Gabagool Phishing Campaign Exploits Cloudflare R2 to Evade Security Filters Source: TRAC Labs Critical Kubernetes Vulnerability Allows Attackers to Execute Commands Source: Kubernetes Apple Releases Critical Updates to Patch Activel...
Nov 21, 2024β’9 min
π What's trending in cybersecurity today? π¨ #CyberAlerts Ngioweb Botnet Exploits IoT Devices to Fuel NSOCKS Proxy Network and Cyber Attacks Source: Lumen XenoRAT Exploits Excel XLL Files With Advanced Tactics to Evade Detection Source: Hunt.io Misconfigured Jupyter Servers Exploited for Illegal Sports Streaming and Piracy Source: Assaf Morag via Aqua Decades-Old Security Flaws in Ubuntu's Needrestart Package Expose Root Risks Source: Ubuntu Oracle Issues Warning on Active Exploitation of High-...
Nov 20, 2024β’10 min
π What's the latest in the cyber world today? π¨ #CyberAlerts BabbleLoader Malware Emerges Delivering WhiteSnake and Meduza Stealers Source: Ryan Robinson via Intezer Helldown Ransomware Expands Attacks to VMware, Linux, and Virtualized Systems Source: Jeremy Scion via Sekoia Earth Kasha Launches New LODEINFO Campaign with Updated Tactics and Targeting Source: Hara Hiroaki via Trend Micro Water Barghest Exploits Vulnerable IoT Devices for Rapid Monetization and Profit Source: Feike Hacquebord a...
Nov 19, 2024β’9 min
π What's happening in cybersecurity today? π¨ #CyberAlerts DEEPDATA Malware Exploits Unpatched Fortinet VPN Zero-Day to Steal Credentials Source: Callum Roxan, Charlie Gardner and Paul Rascagneres via Volexity Fake AI Image and Video Generators Infect Windows and macOS with Infostealers Source: Cybersecurity Researcher g0njxa via X UK Cybersecurity Experts Warn Shoppers of Black Friday and Cyber Monday Scams Source: UK National Cyber Security Centre Botnet Exploits GeoVision Zero-Day Vulnerabil...
Nov 18, 2024β’10 min
π What are the latest cybersecurity alerts, incidents, and news? π¨ #CyberAlerts Sitting Ducks Attack Hijacks 70,000 Domains in Widespread Campaign Source: Infoblox Google Warns of Rising Cloaking Scams, AI Fraud, and Cryptocurrency Schemes Source: Laurie Richardson via Google Chinese SilkSpecter Operates 4,700 Fake Shopping Sites to Steal Credit Cards Source: ElecticIQ Critical GitHub CLI Remote Code Execution Flaw Allows Malicious Command Execution Source: Andy Feller via GitHub High-Severity...
Nov 15, 2024β’10 min
π What's going on in the cyber world today? π¨ #CyberAlerts North Korean Lazarus Group Launches RustyAttr Malware Campaign Targeting macOS Source: Sharmine Low via Group-IB Hamas-Linked WIRTE Escalates Cyber Attacks on Israel Amid Middle East Tensions Source: Check Point Research CISA Adds Five Vulnerabilities to its Known Exploited Vulnerabilities Catalog Source: CISA Bitdefender Offers Free Decryptor for ShrinkLocker Ransomware Victims Source: Martin Zugec via Bitdefender OvrC Cloud Platform ...
Nov 14, 2024β’10 min
π What's trending in cybersecurity today? π¨ #CyberAlerts Iranian Hackers Target Aerospace with Fake Jobs to Deploy SnailResin Malware Source: ClearSky GoIssue Phishing Tool Targets GitHub Developers with Bulk Email Campaigns Source: Daniel Kelley via SlashNext North Korean Hackers Use Flutter Apps to Deploy Malware on macOS Devices Source: Jamf Threat Labs New Citrix Virtual Apps Vulnerabilities Enable Remote Code Execution Attacks Source: Sina Kheirkhah via watchTowr Labs Microsoft Patches 90...
Nov 13, 2024β’9 min
π What's the latest in the cyber world today? π¨ #CyberAlerts Hackers Use Microsoft Visio Files and SharePoint in Two-Step Phishing Attack Source: Peleg Cabra via Perception Point New SpyAgent Android Malware Captures Screenshots to Steal Cryptocurrency Source: Doug Bonderud via Security Intelligence Critical WPLMS WordPress Theme Flaw Exposes Websites to Remote Code Execution Source: Wordfence Command Injection Flaw Exposes Legacy D-Link NAS Devices to Remote Attacks Source: Netsecfish High Se...
Nov 12, 2024β’9 min
π What's happening in cybersecurity today? π¨ #CyberAlerts Phishing Campaign Uses Excel Exploit to Deliver Fileless Remcos RAT Malware Source: Xiaopeng Zhang via Fortinet Veeam Remote Code Execution Vulnerability Used to Deploy New Frag Ransomware Source: Sean Gallagher via Sophos Microsoft Bookings Flaw Allows Hackers to Create and Impersonate User Accounts Source: Geoff Jones via Cyberis New Malware Variant of njRAT Called Mr. Skeleton RAT Discovered in the Wild Source: Broadcom Malicious NPM...
Nov 11, 2024β’9 min
π What are the latest cybersecurity alerts, incidents, and news? π¨ #CyberAlerts North Korean Hackers Target Crypto Firms with Hidden Risk Malware for macOS Source: Raffaele Sabato, Phil Stokes and Tom Hegel via Sentinel Labs Hackers Use ZIP Concatenation to Evade Detection and Launch Attacks on Windows Source: Arthur Vaiselbuh and Peleg Cabra via Perception Point Androxgh0st Botnet Integrates Mozi and Expands Attacks on IoT and Web Source: CloudSEK Earth Estries Employ Advanced Tactics and Too...
Nov 08, 2024β’9 min
π What's going on in the cyber world today? π¨ #CyberAlerts Malicious PyPI Package Fabrice Steals AWS Credentials from Thousands of Developers Source: Socket Winos 4.0 Malware Targets Gamers Through Malicious Game Optimization Apps Source: Cara Lin via Fortinet SteelFox and Rhadamanthys Malware Exploit Copyright Scams Using Driver Flaws Source: Check Point Research Cisco Releases Patch for Critical Ultra-Reliable Wireless Backhaul Flaw Source: Cisco Multiple Critical Flaws in HPE Aruba Access P...
Nov 07, 2024β’9 min
π What's trending in cybersecurity today? π¨ #CyberAlerts Critical Azure API Management Flaws Enable Attackers to Escalate Privileges Source: Christian August Holm Hansen via Binary Security New Android Malware ToxicPanda Targets Users with Fraudulent Banking Transactions Source: Cleafy Google Fixes High-Severity Vulnerabilities in Chrome with Latest Security Update Source: Google ClickFix Malware Exploits Fake Zoom and Google Meet Pages to Deliver Payloads Source: Jeremy Scion via Sekoia Resea...
Nov 06, 2024β’9 min
π What's the latest in the cyber world today? π¨ #CyberAlerts APT36 Intensifies Attacks on Indian Devices Using Advanced ElizaRAT Malware Source: Check Point Research New Phishing Campaign Installs Backdoored Linux VMs on Windows for Stealthy Access Source: Den Iuzvyk and Tim Peck via Securonix APT37 Conduct Reconnaissance on South Korean Targets for Cyberespionage Source: Genians Google Issues Warning About Exploited Android Flaw Allowing Unauthorized Access Source: Google Hackers Exploit Docu...
Nov 05, 2024β’9 min
π What's happening in cybersecurity today? π¨ #CyberAlerts Microsoft Warns Azure Virtual Desktop Users of Black Screen and Connection Issues Source: Microsoft Worldwide Phishing Campaign Targets ChatGPT Users with Fake OpenAI Payment Alerts Source: Prebh Dev Singh via Barracuda Critical Privilege Escalation Vulnerabilities Discovered in MediaTek Chipsets Source: MediaTek Google's Big Sleep AI Tool Discovers Zero-Day Flaw in SQLite Database Engine Source: Google Over 280 Malicious Typosquat Pack...
Nov 04, 2024β’10 min
π What are the latest cybersecurity alerts, incidents, and news? π¨ #CyberAlerts XiΕ« GΗu Phishing Kit Exploits RCS Messages to Target Global Victims Source: Harry Everett via Netcraft Quad7 Botnet Uses Compromised Routers for Credential Theft in Global Attacks Source: Microsoft LottieFiles Addresses Supply Chain Attack on npm Package with Urgent Update Source: LottieFiles via X Hackers Exploit Two Zero-Day Vulnerabilities in PTZOptics Cameras Source: Noah Stone via GreyNoise Hikvision Network C...
Nov 01, 2024β’10 min
π What's going on in the cyber world today? π¨ #CyberAlerts FakeCall Malware on Android Hijacks Calls to Banks with New Data Theft Features Source: Fernando Ortega via Zimperium Malicious Python Tool CryptoAITools Poses as Trading Bot to Steal Cryptocurrency Source: Yehuda Gelb via Checkmarx Cybercriminals Exploit Meta Ads to Distribute SYS01stealer Malware Source: Ionut Alexandru Baltariu, Nicolae Postolachi, and Alina Bizga via Bitdefender LightSpy Malware Expands with 28 Destructive Plugins ...
Oct 31, 2024β’10 min
π What's trending in cybersecurity today? π¨ #CyberAlerts Critical Security Vulnerabilities in Open-Source AI Models Put Systems at Risk Source: Dan McInerney and Marcello Salvati via Protect AI Konni APT Group Escalates Cyber Attacks with Innovative Spear-Phishing Techniques Source: ThreatBook CTI Midnight Blizzard Launches Info-Stealing Campaign Against Government Workers Source: Microsoft Google Chrome Releases Critical Update to Address Out-of-Bounds and WebRTC Flaws Source: Google QNAP Add...
Oct 30, 2024β’9 min
π What's the latest in the cyber world today? π¨ #CyberAlerts Chinese Hackers Deploy CloudScout Toolset to Steal Cookies From Cloud Services Source: Anh Ho via ESET Russian Espionage Group Delivers Malware to Ukrainian Military via Telegram Source: Google Nintendo Warns Users About Phishing Emails Imitating Official Messages Source: Nintendo New Tool Released to Bypass Google Chrome's App-Bound Encryption System Source: xaitax via X Apple Releases visionOS Update Addressing Over 25 Security Vul...
Oct 29, 2024β’9 min
π What's happening in cybersecurity today? π¨ #CyberAlerts TeamTNT Unleashes Sophisticated Cloud Attacks Targeting Docker for Cryptomining Source: Assaf Morag via Aqua Black Basta Ransomware Abuses Microsoft Teams to Deceive Employees and Gain Access Source: ReliaQuest Newly Discovered Parano Stealer Malware Targets User Credentials and Data Source: Broadcom Newly Discovered OS Downgrade Flaw Poses Significant Threat to the Windows Kernel Source: Alon Leviev via SafeBreach Fog Ransomware Levera...
Oct 28, 2024β’9 min
π What are the latest cybersecurity alerts, incidents, and news? π¨ #CyberAlerts New Qilin.B Ransomware Variant Unveils Enhanced Encryption and Stealth Tactics Source: Halcyon AWS CDK Flaw Allows Account Takeovers via Predictable S3 Bucket Names Source: Ofek Itach and Yakir Kadkoda via Aqua Embargo Ransomware Uses Safe Mode to Disable Security Solutions in Attacks Source: Jan Holman and TomΓ‘Ε‘ Zvara via ESET GitLab Releases Critical Updates to Address HTML Injection Vulnerability and XSS Source:...
Oct 25, 2024β’9 min
