China-linked MirrorFace APT targets Japan with ANEL backdoor
The group has changed its TTPs, returning to the ANEL backdoor, previously believed to have been abandoned after 2018.
Cybersecurity News - Page 74
Apache Tomcat RCE bug actively exploited by attackers
The attack is dead simple to execute and requires no authentication, the researchers note.
Black Basta ransomware group expands operations with BRUTED brute-forcing tool
The BRUTED framework employs a multi-step attack process to identify and compromise edge network devices.
Malicious campaign targeting PyPI users aims to steal cloud access tokens
Malicious packages targeted cloud client functionalities for major services, including Alibaba Cloud, AWS, and Tencent Cloud.
GitHub action compromise exposes secret tokens in build logs
The attack, which occurred sometime before March 14, 2025, involved a threat actor modifying the code of the tj-actions/changed-files GitHub Action.
Cyber Security Week in Review: March 14, 2025
In brief: Microsoft, Apple fix zero-days, LockBit ransomware dev extradited to the US, and more.
New North Korea-linked Android spyware KoSpy targets Korean and English-speaking users
KoSpy is distributed through fake utility applications, which masquerade as helpful tools.
Chinese hackers Volt Typhoon lurked for nearly a year in systems of US utility company
The breach is believed to be part of a broader cyberespionage effort by China’s government targeting US critical infrastructure.
China-nexus hackers UNC3886 target Juniper MX routers with custom backdoors
The group first gained access to a target network through a terminal server used for managing devices.
Apple rolls out security patches to fix to exploited zero-day vulnerability in WebKit
The vulnerability could be exploited by attackers to break out of WebKit's Web Content sandbox by using maliciously crafted web content.
Showing elements 731 - 740