Lucene search
K

180 matches found

The Hacker News
The Hacker News
added 2024/12/04 9:48 a.m.6 views

Researchers Uncover Backdoor in Solana's Popular Web3.js npm Library

Cybersecurity researchers are alerting to a software supply chain attack targeting the popular @solana/web3.js npm library that involved pushing two malicious versions capable of harvesting users' private keys with an aim to drain their cryptocurrency wallets. The attack has been detected in...

8.3CVSS7.3AI score0.00431EPSS
Exploits0
The Hacker News
The Hacker News
added 2024/12/02 2:1 p.m.29 views

SmokeLoader Malware Resurfaces, Targeting Manufacturing and IT in Taiwan

Taiwanese entities in manufacturing, healthcare, and information technology sectors have become the target of a new campaign distributing the SmokeLoader malware. "SmokeLoader is well-known for its versatility and advanced evasion techniques, and its modular design allows it to perform a wide ran...

7.8CVSS8.2AI score0.99945EPSS
Exploits62
The Hacker News
The Hacker News
added 2024/09/12 1:46 p.m.20 views

Beware: New Vo1d Malware Infects 1.3 Million Android-based TV Boxes Worldwide

Nearly 1.3 million Android-based TV boxes running outdated versions of the operating system and belonging to users spanning 197 countries have been infected by a new malware dubbed Vo1d aka Void. "It is a backdoor that puts its components in the system storage area and, when commanded by attacker...

8AI score
Exploits0
The Hacker News
The Hacker News
added 2024/08/30 6:12 a.m.46 views

Atlassian Confluence Vulnerability Exploited in Crypto Mining Campaigns

Threat actors are actively exploiting a now-patched, critical security flaw impacting the Atlassian Confluence Data Center and Confluence Server to conduct illicit cryptocurrency mining on susceptible instances. "The attacks involve threat actors that employ methods such as the deployment of shel...

10CVSS9.6AI score0.99984EPSS
Exploits32
The Hacker News
The Hacker News
added 2024/08/27 4:8 p.m.89 views

macOS Version of HZ RAT Backdoor Targets Chinese Messaging App Users

Users of Chinese instant messaging apps like DingTalk and WeChat are the target of an Apple macOS version of a backdoor named HZ RAT. The artifacts "almost exactly replicate the functionality of the Windows version of the backdoor and differ only in the payload, which is received in the form of...

9.3CVSS8.6AI score0.99945EPSS
Exploits33
The Hacker News
The Hacker News
added 2024/08/10 2:30 p.m.40 views

New Malware Hits 300,000 Users with Rogue Chrome and Edge Extensions

An ongoing, widespread malware campaign has been observed installing rogue Google Chrome and Microsoft Edge extensions via a trojan distributed via fake websites masquerading as popular software. "The trojan malware contains different deliverables ranging from simple adware extensions that hijack...

7.2AI score
Exploits0
The Hacker News
The Hacker News
added 2024/07/29 4:56 a.m.30 views

Gh0st RAT Trojan Targets Chinese Windows Users via Fake Chrome Site

The remote access trojan known as Gh0st RAT has been observed being delivered by an "evasive dropper" called Gh0stGambit as part of a drive-by download scheme targeting Chinese-speaking Windows users. These infections stem from a fake website "chrome-web.com" serving malicious installer packages...

8AI score
Exploits0
The Hacker News
The Hacker News
added 2024/07/22 6:45 a.m.28 views

SocGholish Malware Exploits BOINC Project for Covert Cyberattacks

The JavaScript downloader malware known as SocGholish aka FakeUpdates is being used to deliver a remote access trojan called AsyncRAT as well as a legitimate open-source project called BOINC. BOINC, short for Berkeley Open Infrastructure Network Computing Client, is an open-source "volunteer...

7.9AI score
Exploits0
The Hacker News
The Hacker News
added 2024/07/01 12:44 p.m.32 views

Indian Software Firm's Products Hacked to Spread Data-Stealing Malware

Installers for three different software products developed by an Indian company named Conceptworld have been trojanized to distribute information-stealing malware. The installers correspond to Notezilla, RecentX, and Copywhiz, according to cybersecurity firm Rapid7, which discovered the supply...

7AI score
Exploits0
The Hacker News
The Hacker News
added 2024/06/22 11:3 a.m.29 views

Warning: New Adware Campaign Targets Meta Quest App Seekers

A new campaign is tricking users searching for the Meta Quest formerly Oculus application for Windows into downloading a new adware family called AdsExhaust. "The adware is capable of exfiltrating screenshots from infected devices and interacting with browsers using simulated keystrokes,"...

7.1AI score
Exploits0
The Hacker News
The Hacker News
added 2024/06/13 10:19 a.m.14 views

Cybercriminals Employ PhantomLoader to Distribute SSLoad Malware

The nascent malware known as SSLoad is being delivered by means of a previously undocumented loader called PhantomLoader, according to findings from cybersecurity firm Intezer. "The loader is added to a legitimate DLL, usually EDR or AV products, by binary patching the file and employing...

7.5AI score
Exploits0
Imperva Blog
Imperva Blog
added 2024/06/10 6:5 p.m.81 views

Update: CVE-2024-4577 quickly weaponized to distribute “TellYouThePass” Ransomware

Introduction Recently, Imperva Threat Research reported on attacker activity leveraging the new PHP vulnerability, CVE-2024-4577. From as early as June 8th, we have detected attacker activity leveraging this vulnerability to deliver malware, which we have now identified to be a part of the...

10CVSS8AI score0.99999EPSS
Exploits442
The Hacker News
The Hacker News
added 2024/05/20 12:20 p.m.13 views

Foxit PDF Reader Flaw Exploited by Hackers to Deliver Diverse Malware Arsenal

Multiple threat actors are weaponizing a design flaw in Foxit PDF Reader to deliver a variety of malware such as Agent Tesla, AsyncRAT, DCRat, NanoCore RAT, NjRAT, Pony, Remcos RAT, and XWorm. "This exploit triggers security warnings that could deceive unsuspecting users into executing harmful...

7.1AI score
Exploits0
The Hacker News
The Hacker News
added 2024/05/20 5:47 a.m.15 views

Latrodectus Malware Loader Emerges as IcedID's Successor in Phishing Campaigns

Cybersecurity researchers have observed a spike in email phishing campaigns starting early March 2024 that delivers Latrodectus, a nascent malware loader believed to be the successor to the IcedID malware. "These campaigns typically involve a recognizable infection chain involving oversized...

8.2AI score
Exploits0
The Hacker News
The Hacker News
added 2024/05/19 7:59 a.m.14 views

Grandoreiro Banking Trojan Resurfaces, Targeting Over 1,500 Banks Worldwide

The threat actors behind the Windows-based Grandoreiro banking trojan have returned in a global campaign since March 2024 following a law enforcement takedown in January. The large-scale phishing attacks, likely facilitated by other cybercriminals via a malware-as-a-service MaaS model, target ove...

7.1AI score
Exploits0
The Hacker News
The Hacker News
added 2024/05/14 10:44 a.m.10 views

Ongoing Campaign Bombards Enterprises with Spam Emails and Phone Calls

Cybersecurity researchers have uncovered an ongoing social engineering campaign that bombards enterprises with spam emails with the goal of obtaining initial access to their environments for follow-on exploitation. "The incident involves a threat actor overwhelming a user's email with junk and...

7.7AI score
Exploits0
The Hacker News
The Hacker News
added 2024/04/24 1:36 p.m.31 views

Researchers Detail Multistage Attack Hijacking Systems with SSLoad, Cobalt Strike

Cybersecurity researchers have discovered an ongoing attack campaign that's leveraging phishing emails to deliver a malware called SSLoad. The campaign, codenamed FROZENSHADOW by Securonix, also involves the deployment of Cobalt Strike and the ConnectWise ScreenConnect remote desktop software...

6.8AI score
Exploits0
The Hacker News
The Hacker News
added 2024/04/24 7:2 a.m.25 views

eScan Antivirus Update Mechanism Exploited to Spread Backdoors and Miners

A new malware campaign has been exploiting the updating mechanism of the eScan antivirus software to distribute backdoors and cryptocurrency miners like XMRig through a long-standing threat codenamed GuptiMiner targeting large corporate networks. Cybersecurity firm Avast said the activity is the...

7.2AI score
Exploits0
The Hacker News
The Hacker News
added 2024/04/08 11:29 a.m.52 views

Watch Out for 'Latrodectus' - This Malware Could Be In Your Inbox

Threat hunters have discovered a new malware called Latrodectus that has been distributed as part of email phishing campaigns since at least late November 2023. "Latrodectus is an up-and-coming downloader with various sandbox evasion functionality," researchers from Proofpoint and Team Cymru said...

7.5AI score
Exploits0
The Hacker News
The Hacker News
added 2024/02/29 8:17 a.m.18 views

Lazarus Exploits Typos to Sneak PyPI Malware into Dev Systems

The notorious North Korean state-backed hacking group Lazarus uploaded four packages to the Python Package Index PyPI repository with the goal of infecting developer systems with malware. The packages, now taken down, are pycryptoenv, pycryptoconf, quasarlib, and swapmempool. They have been...

7.3AI score
Exploits0
Rows per page
Query Builder