ClickFix phishing campaign deploys Havok post-exploitation framework for remote access
ClickFix, a tactic that surfaced last year, involves fake error messages that trick victims into running malicious PowerShell commands.
Cybersecurity News - Page 89
Hackers attack UAE aviation sector in highly targeted email-based campaign
The primary goal of the attack was to deliver Sosano, a custom backdoor written in Go.
Three zero-day flaws in VMware ESXi, Workstation, and Fusion exploited in the wild
Google has rolled out its monthly Android Security Bulletin for March 2025 to fix over 40 vulnerabilities, including two zero-days.
12,000 API keys and passwords found in DeepSeek's training data
In total, nearly 1,500 unique MailChimp keys were found hardcoded into HTML and JavaScript on front-end webpages.
Trump administration to halt offensive cyber ops against Russia
Defense Secretary Pete Hegseth has directed Cyber Command to halt any operations aimed at countering Russian cyber activities.
Serbian activist's phone targeted with Cellebrite zero-day exploit
The exploit is based on a vulnerability in Android’s USB drivers and was initially discovered in 2024.
Threat actors exploit zero-day in Paragon Partition Manager in BYOVD attacks
Attackers exploit the BioNTdrv.sys driver to escalate their privileges to SYSTEM level.
Cybersecurity Week in Review: February 28, 2025
In brief: Russia’s Sandworm APT targets critical infrastructure in Ukraine, suspected Desorden hacker arrested, and more.
$1.5B Bybit heist linked to a compromised developer machine within Safe{Wallet} infrastructure
The attack was initiated through a targeted injection of malicious JavaScript into the Safe{Wallet} platform’s infrastructure.
New Auto-Color Linux backdoor targets universities and gov’t offices in North America and Asia
Auto-Color can maintain access over extended periods.
Showing elements 881 - 890