59 matches found
PT-2026-8072
The MailChimp Campaigns plugin for WordPress is vulnerable to Missing Authorization in all versions up to, and including, 3.2.4. This is due to missing capability checks on the mailchimp campaigns manager disconnect app function that is hooked to the AJAX action of the same name. This makes it...
kog-bonds-poc
KOG Bonds POC Agent Complete proof-of-concept demonstrating e...
EUVD-2019-9572
Malware in sbrugna...
EUVD-2022-3070
Malicious code in bioql PyPI...
New Phishing Tool GoIssue Targets GitHub Developers in Bulk Email Campaigns
Cybersecurity researchers are calling attention to a new sophisticated tool called GoIssue that can be used to send phishing messages at scale targeting GitHub users. The program, first marketed by a threat actor named cyberdluffy aka Cyber D' Luffy on the Runion forum earlier this August, is...
DarkGate switches up its tactics with new payload, email templates
This post was authored by Kalpesh Mantri. Cisco Talos is actively tracking a recent increase in activity from malicious email campaigns containing a suspicious Microsoft Excel attachment that, when opened, infected the victim's system with the DarkGate malware. These campaigns, active since the...
Watch Out for 'Latrodectus' - This Malware Could Be In Your Inbox
Threat hunters have discovered a new malware called Latrodectus that has been distributed as part of email phishing campaigns since at least late November 2023. "Latrodectus is an up-and-coming downloader with various sandbox evasion functionality," researchers from Proofpoint and Team Cymru said...
New StrelaStealer Phishing Attacks Hit Over 100 Organizations in E.U. and U.S.
Cybersecurity researchers have detected a new wave of phishing attacks that aim to deliver an ever-evolving information stealer referred to as StrelaStealer. The campaigns impact more than 100 organizations in the E.U. and the U.S., Palo Alto Networks Unit 42 researchers said in a new report...
ICYMI: Emotet Reappeared Early This Year, Unfortunately
By Adithya Chandra and Joao Marques · September 1, 2023. This blog was also written by Raghav Kapoor. Executive Summary: Emotet first appeared in 2014 and continues to be a dangerous and resilient malware, despite attempts by law enforcement...
Phishing 3.0: Crooks Leverage AWS in Deceptive Email Campaigns
By Habiba Rashid. The new attack has been dubbed Phishing 3.0. This is a post from HackRead.com.
Tracking the Malicious Email Campaigns of Russia-Aligned TA499
Summary: TA499 is a group of threat actors aligned with the Russian state that engages in impersonation-based, patriotically motivated misinformation campaigns. They use email ...
Cyberattacks Targeting Ukraine Increase 20-fold at End of 2022 Fueled by Russia-linked Gamaredon Activity
By Daksh Kapur, Tomer Shloman, Robert Venal and John Fokker · January 24, 2023. It has been almost a year since Russia invaded Ukraine in a major escalation of the Russo-Ukrainian War...
BACKCLICK Cross-Site Scripting Vulnerability
BACKCLICK is a marketing software from BACKCLICK Germany that helps organizations create, implement, measure, and run web-based email campaigns. A security vulnerability exists in BACKCLICK Professional 5.9.63, which stems from insufficient output encoding of user-supplied data allowing an attacker...
OldGremlin Ransomware Targeted Over a Dozen Russian Entities in Multi-Million Scheme
A Russian-speaking ransomware group dubbed OldGremlin has been attributed to 16 malicious campaigns aimed at entities operating in the transcontinental Eurasian nation over the course of two and a half years. "The group's victims include companies in sectors such as logistics, industry, insurance...
GHSA-7VVH-XQQ4-W777 Mautic Cross-Site Request Forgery (CSRF)
Multiple cross-site request forgery (CSRF) vulnerabilities in Mautic 1.4.1 allow remote attackers to hijack the authentication of users for requests that (1) delete email campaigns or (2) delete contacts...
Mautic Cross-Site Request Forgery (CSRF)
Multiple cross-site request forgery (CSRF) vulnerabilities in Mautic 1.4.1 allow remote attackers to hijack the authentication of users for requests that (1) delete email campaigns or (2) delete contacts...
Novel ‘Nerbian’ Trojan Uses Advanced Anti-Detection Tricks
A newly discovered and complex remote access trojan (RAT) is spreading via malicious email campaigns using COVID-19 lures and includes numerous features to evade analysis or detection by researchers, Proofpoint has found. Dubbed Nerbian RAT, the novel malware variant is written in the OS-agnostic G...
AvosLocker Ransomware group has targeted 50+ Organizations Worldwide
THREAT LEVEL: Red. The Federal Bureau of Investigation and Cybersecurity and Infrastructure Security Agency released threat advisories on AvosLocker Ransomware. It is a Ransomware as a Service (RaaS) affiliate-based group that has targeted 50+...
Meet Exotic Lily, access broker for ransomware and other malware peddlers
The Google Threat Analysis Group (TAG) has shared their observations about a group of cybercriminals called Exotic Lily. This group has specialized itself as an initial access broker, which means they find a vulnerability in an organization's defenses, exploit that vulnerability, and sell the access...