Russian hackers exploit Windows flaw to spread malware via fake IT messages
The treat actors have been sending Microsoft Teams requests to victims posing as IT staff.
Cybersecurity News - Page 47
Cyber Security Week in Review: August 1, 2025
In brief: Russia-linked Turla targets foreign embassies in Moscow, a critical SAP NetWeaver flaw exploited to deploy the Auto-Color backdoor, and more.
Gold Blade threat actor upgrades infection chain for RedLoader malware
The latest campaign leverages a previously unreported method of initial access, combining multiple tactics.
JSCEAL malware campaign targets crypto app users
The JSCEAL campaign leverages malvertising primarily on social media platforms.
Chinese firms linked to Salt Typhoon behind dozens of tech patents for cyber espionage tools
The patents mention tools for encrypted endpoint data collection, forensic access to Apple devices, and remote control of routers and smart home systems.
Scattered Spider targets data storage systems via IT help desk impersonation
The joint advisory was updated with the latest data from FBI-led investigations as recent as June 2025.
Critical SAP Netweaver flaw exploited to deploy Auto-Color backdoor
The attack exploited the CVE-2025-31324 vulnerability that allows attackers to upload arbitrary files.
Leak Zone underground forum exposed users’ IPs in massive data leak
Researchers discovered that Leak Zone left an unsecured Elasticsearch database exposed to the internet.
Threat actors breach Toptal GitHub account in supply chain attack
The malicious packages contained payloads capable of exfiltrating GitHub authentication tokens and destroying victim systems.
Endgame Gear warns of malware in its mouse configuration tool
Scans from affected users identified the malware as part of the XRed backdoor family.
Showing elements 461 - 470