Lucene search
K

104 matches found

The Hacker News
The Hacker News
added 2026/05/05 2:19 p.m.11 views

China-Linked UAT-8302 Targets Governments Using Shared APT Malware Across Regions

A sophisticated China-nexus advanced persistent threat APT group has been attributed to attacks targeting government entities in South America since at least late 2024 and government agencies in southeastern Europe in 2025. The activity is being tracked by Cisco Talos under the moniker UAT-8302 ,...

6AI score
Exploits0
The Hacker News
The Hacker News
added 2026/03/06 8:22 a.m.9 views

China-Linked Hackers Use TernDoor, PeerTime, BruteEntry in South American Telecom Attacks

A China-linked advanced persistent threat APT actor has been targeting critical telecommunications infrastructure in South America since 2024, targeting Windows and Linux systems and edge devices with three different implants. The activity is being tracked by Cisco Talos under the moniker UAT-924...

6AI score
Exploits0
Talos Blog
Talos Blog
added 2026/03/05 11:0 a.m.56 views

UAT-9244 targets South American telecommunication providers with three new malware implants

Cisco Talos is disclosing UAT-9244, who we assess with high confidence is a China-nexus advanced persistent threat APT actor closely associated with Famous Sparrow. Since 2024, UAT-9244 has targeted critical telecommunications infrastructure, including Windows and Linux-based endpoints and edge...

6AI score
Exploits0
The Hacker News
The Hacker News
added 2025/12/11 1:16 p.m.22 views

NANOREMOTE Malware Uses Google Drive API for Hidden Control on Windows Systems

Cybersecurity researchers have disclosed details of a new fully-featured Windows backdoor called NANOREMOTE that uses the Google Drive API for command-and-control C2 purposes. According to a report from Elastic Security Labs, the malware shares code similarities with another implant codenamed...

7.1AI score
Exploits0
The Hacker News
The Hacker News
added 2025/08/27 9:28 a.m.5 views

Blind Eagle's Five Clusters Target Colombia Using RATs, Phishing Lures, and Dynamic DNS Infra

Cybersecurity researchers have discovered five distinct activity clusters linked to a persistent threat actor known as Blind Eagle between May 2024 and July 2025. These attacks, observed by Recorded Future Insikt Group, targeted various victims, but primarily within the Colombian government acros...

7AI score
Exploits0
Wired Threat Level
Wired Threat Level
added 2024/12/13 10:0 a.m.8 views

As the Mastermind of Far-Right ‘Active Clubs’ Goes to Prison, His Violent Movement Goes Global

The white supremacist Robert Rundo faces years in prison. But the “Active Club” network he helped create has proliferated in countries around the world, from Eastern Europe to South America...

7.2AI score
Exploits0
The Hacker News
The Hacker News
added 2024/10/08 4:26 p.m.12 views

Gamers Tricked Into Downloading Lua-Based Malware via Fake Cheating Script Engines

Users searching for game cheats are being tricked into downloading a Lua-based malware that is capable of establishing persistence on infected systems and delivering additional payloads. "These attacks capitalize on the popularity of Lua gaming engine supplements within the student gamer...

7.1AI score
Exploits0
The Hacker News
The Hacker News
added 2024/09/10 3:48 p.m.44 views

CosmicBeetle Deploys Custom ScRansom Ransomware, Partnering with RansomHub

The threat actor known as CosmicBeetle has debuted a new custom ransomware strain called ScRansom in attacks targeting small- and medium-sized businesses SMBs in Europe, Asia, Africa, and South America, while also likely working as an affiliate for RansomHub. "CosmicBeetle replaced its previously...

10CVSS7.4AI score0.99512EPSS
Exploits153
The Hacker News
The Hacker News
added 2023/12/19 5:42 a.m.67 views

Double-Extortion Play Ransomware Strikes 300 Organizations Worldwide

The threat actors behind the Play ransomware are estimated to have impacted approximately 300 entities as of October 2023, according to a new joint cybersecurity advisory from Australia and the U.S. "Play ransomware actors employ a double-extortion model, encrypting systems after exfiltrating dat...

9.8CVSS7.8AI score0.99999EPSS
Exploits38
Kitploit
Kitploit
added 2023/04/18 12:30 p.m.40 views

Wa-Tunnel - Tunneling Internet Traffic Over Whatsapp

This is a Baileys based piece of code that lets you tunnel TCP data through two Whatsapp accounts. This can be usable in different situations, for example network carriers that give unlimited whatsapp data or airplanes where you also get unlimited social network data. It's using Baileys since it'...

7.5AI score
Exploits0References3
hivepro
hivepro
added 2023/02/15 10:58 a.m.12 views

New China-based Group Expands Operations to Compromise Diplomatic Targets in South America

Threat Level Actor Report For a detailed threat advisory, download the pdf file here Summary The China-based cyber espionage group DEV-0147 has expanded its data exfiltration operations to include diplomatic targets in South America, in addition to targeting government agencies and think tanks in...

1.7AI score
Exploits0
The Hacker News
The Hacker News
added 2023/02/14 9:39 a.m.128 views

Chinese Hackers Targeting South American Diplomatic Entities with ShadowPad

Microsoft on Monday attributed a China-based cyber espionage actor to a set of attacks targeting diplomatic entities in South America. The tech giant's Security Intelligence team is tracking the cluster under the emerging moniker DEV-0147, describing the activity as an "expansion of the group's...

10CVSS0.8AI score0.99999EPSS
Exploits22
HackRead
HackRead
added 2022/10/01 11:13 p.m.16 views

New DDoS Malware ‘Chaos’ Hits Linux and Windows Devices

By Deeba Ahmed Most devices infected by Chaos malware are located in Europe, particularly Italy but infections were also observed in Asia Pacific, South America, and North America. This is a post from HackRead.com Read the original post: New DDoS Malware Chaos Hits Linux and Windows Devices...

2.6AI score
Exploits0
The Hacker News
The Hacker News
added 2022/09/08 11:2 a.m.45 views

Chinese Hackers Target Government Officials in Europe, South America, and Middle East

A Chinese hacking group has been attributed to a new campaign aimed at infecting government officials in Europe, the Middle East, and South America with a modular malware known as PlugX. Cybersecurity firm Secureworks said it identified the intrusions in June and July 2022, once again demonstrati...

2AI score
Exploits0
The Hacker News
The Hacker News
added 2022/06/15 1:5 p.m.21 views

Panchan: A New Golang-based Peer-To-Peer Botnet Targeting Linux Servers

A new Golang-based peer-to-peer P2P botnet has been spotted actively targeting Linux servers in the education sector since its emergence in March 2022. Dubbed Panchan by Akamai Security Research, the malware "utilizes its built-in concurrency features to maximize spreadability and execute malware...

0.6AI score
Exploits0
Trend Micro Simply Security
Trend Micro Simply Security
added 2022/04/18 12:0 a.m.10 views

Cyber Risk Index (2H’ 2021): An Assessment for Security Leaders

We take a look at our latest Cyber Risk Index CRI findings across North America, Europe, Asia-Pacific, and Latin/South America, to help security leaders better understand, communicate, and address their enterprise’s cyber risk...

2.2AI score
Exploits0
Trend Micro Simply Security
Trend Micro Simply Security
added 2022/04/18 12:0 a.m.11 views

Cyber Risk Index (2H’ 2021): An Assessment for Security Leaders

We take a look at our latest Cyber Risk Index CRI findings across North America, Europe, Asia-Pacific, and Latin/South America, to help security leaders better understand, communicate, and address their enterprise’s cyber risk...

2.2AI score
Exploits0
Securelist
Securelist
added 2022/04/07 10:0 a.m.36 views

A Bad Luck BlackCat

In early December 2021, a new ransomware actor started advertising its services on a Russian underground forum. They presented themselves as ALPHV, a new generation Ransomware-as-a-Service RaaS group. Shortly afterwards, they dialed up their activity, infecting numerous corporate victims around t...

0.2AI score
Exploits0
The Hacker News
The Hacker News
added 2021/09/20 11:0 a.m.27 views

A New Wave of Malware Attack Targeting Organizations in South America

A spam campaign delivering spear-phishing emails aimed at South American organizations has retooled its techniques to include a wide range of commodity remote access trojans RATs and geolocation filtering to avoid detection, according to new research. Cybersecurity firm Trend Micro attributed the...

0.9AI score
Exploits0
ThreatPost
ThreatPost
added 2021/05/17 4:19 p.m.116 views

Bizarro Banking Trojan Sports Sophisticated Backdoor

A never-before-documented Brazilian banking trojan, dubbed Bizarro, is targeting customers of 70 banks scattered throughout Europe and South America, researchers said. According to an analysis from Kaspersky released Monday, Bizarro is a mobile malware, aimed at capturing online-banking credentia...

5.8AI score
Exploits0References5
Rows per page
Query Builder