North Korean hackers deploy new EtherRAT malware in React2Shell attacks
The implant comes with sophisticated mix of features, including blockchain-based C2, multi-layered persistence, and a full Node.js runtime for evasion.
Cybersecurity News - Page 37
Fortinet, Ivanti patch critical authentication and code-execution flaws
Organizations are recommended to apply fixes as soon as possible.
Microsoft fixes over 50 flaws, including actively exploited zero-day
Microsoft has not disclosed details about how the flaw was used in the wild.
New JS#SMUGGLER campaign uses breached websites to deploy NetSupport RAT
The RAT grants attackers extensive access to infected systems.
Ransomware gangs adopt new Shanya PaaS to evade EDR tools
Shanya provides threat actors with a way to wrap their malware in highly customized, obfuscated code that bypasses most security tools.
Two malicious VS Code extensions steal credentials, cookies, and crypto wallets
The extensions called “Bitcoin Black” and “Codo AI” were disguised as a color theme and AI assistant.
New agentic browser attack lets emails trigger Google Drive wipe
Because the agent interprets the message as legitimate workload, it may execute the destructive steps without prompting the user for approval.
Portugal updates legislation to protect ethical security research
To qualify, researchers must ensure their work is solely aimed at uncovering flaws they did not create and contributes to improved security.
MuddyWater deploys new UDPGangster backdoor in attacks across the Middle East
The cyber-espionage activity has primarily targeted users in Turkey, Israel, and Azerbaijan.
Chinese Warp Panda cyberespionage campaign targeting North American firms
In addition to BrickStorm, Warp Panda has also deployed JSP web shells and two new implants for ESXi environments.
Showing elements 361 - 370