Cybersecurity News - Page 56

In brief: WhatsApp fixes a flaw used in a spyware campaign, threat actors exploit a zero-day in Sitecore, and more.

The attackers are abusing a sample machine key that was included in Sitecore deployment guides from 2017 and earlier.

Rungan allows attackers to execute commands on compromised servers, while Gamshen is designed to provide SEO fraud as-a-service.

The campaign, described as “coordinated” and “multi-wave,” has been attributed to actors connected to Homeland Justice.

Discussions in dark net reveal that threat actors are claiming to have used HexStrike AI to successfully exploit three recently disclosed Citrix bugs.

The breach stems from compromised OAuth credentials used in the Drift-Salesforce integration.

TamperedChef is designed to steal sensitive data such as credentials and browser cookies.

A network of fake call centers employed individuals who posing as representatives of financial institutions tricked victims into transferring funds to “safe” accounts.

ThreatFabric says this shift is partly a response to Google's new security pilot programs.

The group used a dual-driver strategy in the campaign, deploying a known vulnerable Zemana driver for Windows 7, and the WatchDog driver for newer Windows 10 and 11 systems.