Windows shortcut exploit abused as zero-day in widespread APT campaigns
11 state-sponsored APT groups from North Korea, Iran, Russia, and China have exploited this vulnerability for cyber espionage.
Cybersecurity News - Page 86
Large-scale ad fraud campaign steals user credentials and credit card data
The fraud campaign utilized a range of deceptive tactics to evade detection and bypass Android security restrictions.
New StilachiRAT employs advanced techniques to evade detection and steal data
The malware targets various data, including browser credentials, digital wallet details, clipboard contents, and system data.
Black Basta RaaS's potential connection to Russian authorities uncovered
The leaked logs reveal apparent connection between BlackBasta’s leader Oleg Nefedov and Russian officials.
China-linked MirrorFace APT targets Japan with ANEL backdoor
The group has changed its TTPs, returning to the ANEL backdoor, previously believed to have been abandoned after 2018.
Apache Tomcat RCE bug actively exploited by attackers
The attack is dead simple to execute and requires no authentication, the researchers note.
Black Basta ransomware group expands operations with BRUTED brute-forcing tool
The BRUTED framework employs a multi-step attack process to identify and compromise edge network devices.
Malicious campaign targeting PyPI users aims to steal cloud access tokens
Malicious packages targeted cloud client functionalities for major services, including Alibaba Cloud, AWS, and Tencent Cloud.
GitHub action compromise exposes secret tokens in build logs
The attack, which occurred sometime before March 14, 2025, involved a threat actor modifying the code of the tj-actions/changed-files GitHub Action.
Cyber Security Week in Review: March 14, 2025
In brief: Microsoft, Apple fix zero-days, LockBit ransomware dev extradited to the US, and more.
Showing elements 851 - 860