14 matches found
Hiding in Plain Sight: Multi-Actor ahost.exe Attacks
Hiding in Plain Sight: Deconstructing the Multi-Actor DLL Sideloading Campaign abusing ahost.exe By Mallikarjun Wali and Mohideen Abdul Khader · January 14, 2026 Executive summary The Trellix Advanced Research Center has uncovered an active malware campaign that exploits a DLL sideloading...
RansomHub Becomes 2024's Top Ransomware Group, Hitting 600+ Organizations Globally
The threat actors behind the RansomHub ransomware-as-a-service RaaS scheme have been observed leveraging now-patched security flaws in Microsoft Active Directory and the Netlogon protocol to escalate privileges and gain unauthorized access to a victim network's domain controller as part of their...
Custom Backdoor Exploiting Magic Packet Vulnerability in Juniper Routers
Enterprise-grade Juniper Networks routers have become the target of a custom backdoor as part of a campaign dubbed J-magic. According to the Black Lotus Labs team at Lumen Technologies, the activity is so named for the fact that the backdoor continuously monitors for a "magic packet" sent by the...
Cyberattackers Exploit Google Sheets for Malware Control in Likely Espionage Campaign
Cybersecurity researchers have uncovered a novel malware campaign that leverages Google Sheets as a command-and-control C2 mechanism. The activity, detected by Proofpoint starting August 5, 2024, impersonates tax authorities from governments in Europe, Asia, and the U.S., with the goal of targeti...
AI-Driven Scam Ads: Deepfake Tech Used to Peddle Bogus Health Products
Scammers are leveraging deepfake technology to create convincing health and celebrity-endorsed ads on social media, targeting millions globally.…...
Unveiling BunnyLoader 3.0 Enhanced Malware Capabilities
Summary: BunnyLoader 3.0, which has been active since September 2023, is a malicious malware variant known for its enhanced data theft and advanced keylogging capabilities. This modular malware provides attackers with flexibility and presents challenges in terms of detection. Despite its global...
Chinese Evasive Panda Targets Tibetans with Nightdoor Backdoor
By Waqas Evasive Panda, also identified as BRONZE HIGHLAND and Daggerfly, is carrying out global targeting of Tibetans. This is a post from HackRead.com Read the original post: Chinese Evasive Panda Targets Tibetans with Nightdoor Backdoor...
New Ducktail Infostealer Malware Targeting Facebook Business and Ad Accounts
Facebook business and advertising accounts are at the receiving end of an ongoing campaign dubbed Ducktail designed to seize control as part of a financially driven cybercriminal operation. "The threat actor targets individuals and employees that may have access to a Facebook Business account wit...
Researchers Trace Widespread Espionage Attacks Back to Chinese 'Cicada' Hackers
A Chinese state-backed advanced persistent threat APT group known for singling out Japanese entities has been attributed to a new long-running espionage campaign targeting new geographies, suggesting a "widening" of the threat actor's targeting. The widespread intrusions, which are believed to ha...
GHSA-455W-GV5P-WGG3 Cross-site Scripting in pimcore
pimcore is vulnerable to Stored XSS at Name field in the setting tab of the Global Targeting Rules...
Cross-site Scripting in pimcore
pimcore is vulnerable to Stored XSS at Name field in the setting tab of the Global Targeting Rules...
Cross-site Scripting (XSS) - Stored in pimcore/pimcore
Description pimcore is vulnerable to Stored XSS at Name field in the setting tab of the Global Targeting Rules. Steps to reproduce 1.Go to https://demo.pimcore.fun/admin/ and login. 2.In the left menu bar, click the Marketing icon then choose Personalization / Targeting - Global Targeting Rules...
APT10 (MenuPass Group): New Tools, Global Campaign Latest Manifestation of Longstanding Threat
APT10 Background APT10 MenuPass Group is a Chinese cyber espionage group that FireEye has tracked since 2009. They have historically targeted construction and engineering, aerospace, and telecom firms, and governments in the United States, Europe, and Japan. We believe that the targeting of these...
SMS Trojans Spreading to the Rest of the World
SMS Trojans that ride along on supposedly benign mobile apps and then send out messages to high-priced numbers have been a problem in some Asian and Eastern European countries for several years now, most notably in Russia and China. But now the attackers have realized that there’s a whole big wor...