Lucene search
K

1591 matches found

Trellix
Trellix
added 2025/06/23 12:0 a.m.6 views

Understanding Iranian Capabilities and Hacktivist Activities

Understanding Iranian Capabilities and Hacktivist Activities By John Fokker · June 23, 2025 As geopolitical tensions flare again in the Middle East, cyber operations are increasingly becoming an extension of physical conflict. State-aligned threat actors, patriotic hackers, and ideologically...

5.3AI score
Exploits0
The Hacker News
The Hacker News
added 2025/06/11 7:46 a.m.46 views

Microsoft Patches 67 Vulnerabilities Including WEBDAV Zero-Day Exploited in the Wild

Microsoft has released patches to fix 67 security flaws, including one zero-day bug in Web Distributed Authoring and Versioning WebDAV that it said has come under active exploitation in the wild. Of the 67 vulnerabilities, 11 are rated Critical and 56 are rated Important in severity. This include...

9.8CVSS9AI score0.81558EPSS
Exploits18
HackRead
HackRead
added 2025/06/09 4:12 p.m.5 views

Chinese-Linked Hackers Targeted 70+ Global Organizations, SentinelLABS

SentinelLABS uncovers widespread China-linked cyber espionage targeting over 70 global organizations and cybersecurity firms between July 2024 and…...

7.4AI score
Exploits0
The Hacker News
The Hacker News
added 2025/06/09 3:23 p.m.22 views

Over 70 Organizations Across Multiple Sectors Targeted by China-Linked Cyber Espionage Group

The reconnaissance activity targeting American cybersecurity company SentinelOne was part of a broader set of partially-related intrusions into several targets between July 2024 and March 2025. "The victimology includes a South Asian government entity, a European media organization, and more than...

9.4CVSS8.7AI score0.98557EPSS
Exploits3
Schneier on Security
Schneier on Security
added 2025/06/06 2:41 p.m.7 views

Report on the Malicious Uses of AI

OpenAI just published its annual report on malicious uses of AI. By using AI as a force multiplier for our expert investigative teams, in the three months since our last report we’ve been able to detect, disrupt and expose abusive activity including social engineering, cyber espionage, deceptive...

7.2AI score
Exploits0
The Hacker News
The Hacker News
added 2025/05/28 4:1 p.m.13 views

Czech Republic Blames China-Linked APT31 Hackers for 2022 Cyberattack

The Czech Republic on Wednesday formally accused a threat actor associated with the People's Republic of China PRC of targeting its Ministry of Foreign Affairs. In a public statement, the government said it identified China as the culprit behind a malicious campaign targeting one of the...

7.7AI score
Exploits0
The Hacker News
The Hacker News
added 2025/05/27 11:51 a.m.29 views

Russian Hackers Breach 20+ NGOs Using Evilginx Phishing via Fake Microsoft Entra Pages

Microsoft has shed light on a previously undocumented cluster of malicious activity originating from a Russia-affiliated threat actor dubbed Void Blizzard aka Laundry Bear that it said is attributed to "worldwide cloud abuse." Active since at least April 2024, the hacking group is linked to...

7.7AI score
Exploits0
The Hacker News
The Hacker News
added 2025/05/27 6:54 a.m.33 views

Russia-Linked Hackers Target Tajikistan Government with Weaponized Word Documents

The Russia-aligned threat actor known as TAG-110 has been observed conducting a spear-phishing campaign targeting Tajikistan using macro-enabled Word templates as an initial payload. The attack chain is a departure from the threat actor's previously documented use of an HTML Application .HTA load...

7.1AI score
Exploits0
Krebs on Security
Krebs on Security
added 2025/05/22 9:53 p.m.24 views

Oops: DanaBot Malware Devs Infected Their Own PCs

The U.S. government today unsealed criminal charges against 16 individuals accused of operating and selling DanaBot , a prolific strain of information-stealing malware that has been sold on Russian cybercrime forums since 2018. The FBI says a newer version of DanaBot was used for espionage, and...

6.7AI score
Exploits0
The Hacker News
The Hacker News
added 2025/05/22 12:7 p.m.37 views

Chinese Hackers Exploit Ivanti EPMM Bugs in Global Enterprise Network Attacks

A recently patched pair of security flaws affecting Ivanti Endpoint Manager Mobile EPMM software has been exploited by a China-nexus threat actor to target a wide range of sectors across Europe, North America, and the Asia-Pacific region. The vulnerabilities, tracked as CVE-2025-4427 CVSS score:...

10CVSS9.7AI score0.99899EPSS
Exploits28
The Hacker News
The Hacker News
added 2025/05/21 6:6 p.m.53 views

Russian Hackers Exploit Email and VPN Vulnerabilities to Spy on Ukraine Aid Logistics

Russian cyber threat actors have been attributed to a state-sponsored campaign targeting Western logistics entities and technology companies since 2022. The activity has been assessed to be orchestrated by APT28 aka BlueDelta, Fancy Bear, or Forest Blizzard, which is linked to the Russian General...

9.8CVSS8.4AI score0.97798EPSS
Exploits69
HackRead
HackRead
added 2025/05/18 5:34 p.m.24 views

Russia-Linked SpyPress Malware Exploits Webmails to Spy on Ukraine

ESET reports on RoundPress, a cyber espionage campaign by Russia's Fancy Bear Sednit targeting Ukraine-related organizations via webmail…...

7.3AI score
Exploits0
The Hacker News
The Hacker News
added 2025/05/16 7:56 a.m.18 views

Fileless Remcos RAT Delivered via LNK Files and MSHTA in PowerShell-Based Attacks

Cybersecurity researchers have shed light on a new malware campaign that makes use of a PowerShell-based shellcode loader to deploy a remote access trojan called Remcos RAT. "Threat actors delivered malicious LNK files embedded within ZIP archives, often disguised as Office documents," Qualys...

7.6AI score
Exploits0
Qualys Blog
Qualys Blog
added 2025/05/15 4:22 p.m.33 views

Fileless Execution: PowerShell Based Shellcode Loader Executes Remcos RAT

Cybercriminals are progressively turning PowerShell to launch stealthy attacks that evade traditional antivirus and endpoint defenses. By running code directly in memory, these threats leave minimal evidence on disk, making them particularly challenging to detect. A recent example is Remcos RAT, ...

7.9AI score
Exploits0
The Hacker News
The Hacker News
added 2025/05/15 10:5 a.m.38 views

Russia-Linked APT28 Exploited MDaemon Zero-Day to Hack Government Webmail Servers

A Russia-linked threat actor has been attributed to a cyber espionage operation targeting webmail servers such as Roundcube, Horde, MDaemon, and Zimbra via cross-site scripting XSS vulnerabilities, including a then-zero-day in MDaemon, according to new findings from ESET. The activity, which...

5.3CVSS8AI score0.84456EPSS
Exploits5
The Hacker News
The Hacker News
added 2025/05/14 11:11 a.m.32 views

Earth Ammit Breached Drone Supply Chains via ERP in VENOM, TIDRONE Campaigns

A cyber espionage group known as Earth Ammit has been linked to two related but distinct campaigns from 2023 to 2024 targeting various entities in Taiwan and South Korea, including military, satellite, heavy industry, media, technology, software services, and healthcare sectors. Cybersecurity fir...

7.5AI score
Exploits0
The Hacker News
The Hacker News
added 2025/05/13 10:57 a.m.35 views

North Korean Konni APT Targets Ukraine with Malware to track Russian Invasion Progress

The North Korea-linked threat actor known as Konni APT has been attributed to a phishing campaign targeting government entities in Ukraine, indicating the threat actor's targeting beyond Russia. Enterprise security firm Proofpoint said the end goal of the campaign is to collect intelligence on th...

7.5AI score
Exploits0
The Hacker News
The Hacker News
added 2025/05/13 5:8 a.m.20 views

Türkiye Hackers Exploited Output Messenger Zero-Day to Drop Golang Backdoors on Kurdish Servers

A Türkiye-affiliated threat actor exploited a zero-day security flaw in an Indian enterprise communication platform called Output Messenger as part of a cyber espionage attack campaign since April 2024. "These exploits have resulted in a collection of related user data from targets in Iraq," the...

9.8CVSS6.3AI score0.01782EPSS
Exploits0
Microsoft Secure
Microsoft Secure
added 2025/05/12 4:0 p.m.18 views

Marbled Dust leverages zero-day in Output Messenger for regional espionage

Since April 2024, the threat actor that Microsoft Threat Intelligence tracks as Marbled Dust has been observed exploiting user accounts that have not applied fixes to a zero-day vulnerability CVE-2025-27920 in the messaging app Output Messenger, a multiplatform chat software. These exploits have...

9.8CVSS7.3AI score0.01782EPSS
Exploits0
Microsoft Secure
Microsoft Secure
added 2025/05/12 4:0 p.m.16 views

Marbled Dust leverages zero-day in Output Messenger for regional espionage

Since April 2024, the threat actor that Microsoft Threat Intelligence tracks as Marbled Dust has been observed exploiting user accounts that have not applied fixes to a zero-day vulnerability CVE-2025-27920 in the messaging app Output Messenger, a multiplatform chat software. These exploits have...

7.2CVSS7.3AI score0.01782EPSS
Exploits0
Rows per page
Query Builder