Lucene search
K

27 matches found

NVD
NVD
added 2026/06/24 7:16 a.m.10 views

CVE-2026-8628

The EntreDroppers plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via PHPSELF Parameter in all versions up to, and including, 1.1.2 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts...

6.1CVSS0.00205EPSS
Exploits0References2
The Hacker News
The Hacker News
added 2025/12/22 6:11 a.m.8 views

Android Malware Operations Merge Droppers, SMS Theft, and RAT Capabilities at Scale

Threat actors have been observed leveraging malicious dropper apps masquerading as legitimate applications to deliver an Android SMS stealer dubbed Wonderland in mobile attacks targeting users in Uzbekistan. "Previously, users received 'pure' Trojan APKs that acted as malware immediately upon...

7.3AI score
Exploits0
Trellix
Trellix
added 2024/11/07 12:0 a.m.10 views

New Stealer Uses Invalid Cert To Compromise Systems

New Stealer Uses Invalid Cert To Compromise Systems By Mohinder Gill, Mallikarjun Wali and Sangram Mohapatro · November 07, 2024 A new Stealer has been making the rounds. Its name: Fickle. Fickle Stealer is a new Rust-based information stealer that spreads through various attack vectors, includin...

7.2AI score
Exploits0
Krebs on Security
Krebs on Security
added 2024/05/30 3:19 p.m.9 views

‘Operation Endgame’ Hits Malware Delivery Platforms

Law enforcement agencies in the United States and Europe today announced Operation Endgame, a coordinated action against some of the most popular cybercrime platforms for delivering ransomware and data-stealing malware. Dubbed "the largest ever operation against botnets," the international effort...

7.1AI score
Exploits0
The Hacker News
The Hacker News
added 2024/05/17 8:46 a.m.11 views

Kimsuky APT Deploying Linux Backdoor Gomir in South Korean Cyber Attacks

The Kimsuky aka Springtail advanced persistent threat APT group, which is linked to North Korea's Reconnaissance General Bureau RGB, has been observed deploying a Linux version of its GoBear backdoor as part of a campaign targeting South Korean organizations. The backdoor, codenamed Gomir, is...

8.1AI score
Exploits0
Securelist
Securelist
added 2024/04/17 10:0 a.m.23 views

SoumniBot: the new Android banker’s unique techniques

The creators of widespread malware programs often employ various tools that hinder code detection and analysis, and Android malware is no exception. As an example of this, droppers, such as Badpack and Hqwar, designed for stealthily delivering Trojan bankers or spyware to smartphones, are very...

7.4AI score
Exploits0
Talos Blog
Talos Blog
added 2023/05/12 7:59 p.m.29 views

Threat Roundup for May 5 to May 12

Today, Talos is publishing a glimpse into the most prevalent threats weve observed between May 5 and May 12. As with previous roundups, this post isnt meant to be an in-depth analysis. Instead, this post will summarize the threats weve observed by highlighting key behavioral characteristics,...

7.1AI score
Exploits0
Trend Micro Simply Security
Trend Micro Simply Security
added 2022/07/29 12:0 a.m.19 views

Examining New DawDropper Banking Dropper and DaaS on the Dark Web

In this blog post, we discuss the technical details of a new banking dropper that we have dubbed DawDropper, give a brief history of banking trojans released in early 2022 that use malicious droppers, and elaborate on cybercriminal activities related to DaaS in the deep web...

0.7AI score
Exploits0
The Hacker News
The Hacker News
added 2022/04/08 6:51 a.m.27 views

New Octo Banking Trojan Spreading via Fake Apps on Google Play Store

A number of rogue Android apps that have been cumulatively installed from the official Google Play Store more than 50,000 times are being used to target banks and other financial entities. The rental banking trojan, dubbed Octo, is said to be a rebrand of another Android malware called...

0.9AI score
Exploits0
Securelist
Securelist
added 2021/10/12 9:0 a.m.22 views

SAS 2021: Operation Software Concepts

During the Operation Software Concepts: A Beautiful Envelope for Wrapping Weapon talk on SAS-at-Home 2021, Rintaro Koike, Shogo Hayashi and Ryuichi Tanabe from NTT Security Japan will cover a new APT campaign named Operation Software Concepts. They will share details about this multi-stage attack...

1.2AI score
Exploits0
Rapid7 Blog
Rapid7 Blog
added 2021/09/16 1:30 p.m.17 views

The Ransomware Killchain: How It Works, and How to Protect Your Systems

Much ado has been made by this very author on this very blog! about the incentives for attackers and defenders around ransomware. There is also a wealth of information on the internet about how to protect yourself from ransomware. One thing we want to avoid losing sight of, however, is just how w...

7.5AI score
Exploits0
HackRead
HackRead
added 2021/09/08 9:22 p.m.41 views

Malware droppers for hire targeting users on fake pirated software sites

By Deeba Ahmed Some fake piracy websites have been found distributing Crypto Bot and Raccoon Stealer malware in cracked software. This is a post from HackRead.com Read the original post: Malware droppers for hire targeting users on fake pirated software sites...

2.3AI score
Exploits0
ThreatPost
ThreatPost
added 2021/07/26 3:0 p.m.178 views

Malware Makers Using ‘Exotic’ Programming Languages

Malware authors are increasingly using rarely spotted programming languages such as Go, Rust, Nim and DLang in order to create new tools and to hinder analysis, researchers have found. Use of those four languages is escalating in the number of malware families being identified, according to a...

8AI score
Exploits0References22
ThreatPost
ThreatPost
added 2021/03/01 10:54 p.m.49 views

Mobile Adware Booms, Online Banks Become Prime Target for Attacks

Hackers painted a bullseye on the backs of online financial institutions in 2020 as the pandemic shuttered local branch offices and forced customers online. Over the past 12 months, incidents of adware nearly tripled. And, overall in 2020 researchers saw a slight drop in the number of mobile...

0.3AI score
Exploits0References3
The Hacker News
The Hacker News
added 2021/01/14 9:10 a.m.7 views

Experts Uncover Malware Attacks Against Colombian Government and Companies

Cybersecurity researchers took the wraps off an ongoing surveillance campaign directed against Colombian government institutions and private companies in the energy and metallurgical industries. In a report published by ESET on Tuesday, the Slovak internet security company said the attacks — dubb...

5.9AI score
Exploits0
The Hacker News
The Hacker News
added 2020/04/20 10:58 a.m.7 views

COVID-Themed Lures Target SCADA Sectors With Data Stealing Malware

A new malware campaign has been found using coronavirus-themed lures to strike government and energy sectors in Azerbaijan with remote access trojans RAT capable of exfiltrating sensitive documents, keystrokes, passwords, and even images from the webcam. The targeted attacks employ Microsoft Word...

5.9AI score
Exploits0
Talos Blog
Talos Blog
added 2019/11/19 12:50 a.m.153 views

Custom dropper hide and seek

Executive summary Most users assume they are safe when surfing the web on a daily basis. But information-stealing malware can operate in the background of infected systems, looking to steal users' passwords, track their habits online and hijack personal information. Cisco Talos has monitored...

7.4AI score
Exploits0
ThreatPost
ThreatPost
added 2019/11/15 2:48 p.m.69 views

Stealthy Malware Flies Under AV Radar with Advanced Obfuscation

Researchers warn hackers are putting a new spin on old injection techniques and successfully end-running endpoint protection. They are tracking a campaign, that kicked off in January, that is still going strong exploiting weaknesses in web browsers. The objective is to hide in the background of...

0.1AI score
Exploits0References6
Securelist
Securelist
added 2019/09/23 10:0 a.m.80 views

Hello! My name is Dtrack

Our investigation into the Dtrack RAT actually began with a different activity. In the late summer of 2018, we discovered ATMDtrack, a piece of banking malware targeting Indian banks. Further analysis showed that the malware was designed to be planted on the victim's ATMs, where it could read and...

7.5AI score
Exploits0
Talos Blog
Talos Blog
added 2019/07/16 5:47 a.m.1025 views

SWEED: Exposing years of Agent Tesla campaigns

By Edmund Brumaghin and other Cisco Talos researchers. Executive summary Cisco Talos recently identified a large number of ongoing malware distribution campaigns linked to a threat actor we're calling "SWEED," including such notable malware as Formbook, Lokibot and Agent Tesla. Based on our...

9.3CVSS0.99945EPSS
Exploits47
Rows per page
Query Builder