8 matches found
PT-2025-30612 · Undefined · Undefined
💥 UPDATE We now have a reliable vulnerable detection method check-based for CVE-2025-35770. 📌 Nearly 500 unique IP addresses are vulnerable, counting numerous governmental organizations. SharePoint ToolShell https://t.co/Rle2igcE3X...
GoldenJackal Target Embassies and Air-Gapped Systems Using Malware Toolsets
A little-known threat actor tracked as GoldenJackal has been linked to a series of cyber attacks targeting embassies and governmental organizations with an aim to infiltrate air-gapped systems using two disparate bespoke toolsets. Victims included a South Asian embassy in Belarus and a European...
Disrupting SEABORGIUM’s ongoing phishing operations
The Microsoft Threat Intelligence Center MSTIC has observed and taken actions to disrupt campaigns launched by SEABORGIUM, an actor Microsoft has tracked since 2017. SEABORGIUM is a threat actor that originates from Russia, with objectives and victimology that align closely with Russian state...
SQL Injection Vulnerability in ASRock Terminal Security Management System
ASRock Terminal Security Management System is an integrated terminal security product solution for governmental and enterprise organizations. The product integrates anti-virus, terminal security control, terminal access, terminal audit, peripheral control, EDR and other functions, and is compatib...
New DNS Hijacking Attacks
DNS hijacking isn't new, but this seems to be an attack of unprecedented scale: Researchers at Cisco's Talos security division on Wednesday revealed that a hacker group it's calling Sea Turtle carried out a broad campaign of espionage via DNS hijacking, hitting 40 different organizations. In the...
Spring Dragon – Updated Activity
Spring Dragon is a long running APT actor that operates on a massive scale. The group has been running campaigns, mostly in countries and territories around the South China Sea, since as early as 2012. The main targets of Spring Dragon attacks are high profile governmental organizations and...
Baidu, Alibaba, Tencent in the column: a“watering hole attack”using JSONP hijacking tracking user-vulnerability warning-the black bar safety net
Can you imagine if an authoritarian state to get a way to obtain user privacy information of the tool, and this tool can obtain the user in a specific site on the real name, email address, gender, birthday and phone number, etc., that would be what kind of scene? You can also imagine that an...
Attackers Exploit Java, Compromise Reporters Without Borders Site
The Java saga continued when unknown, and apparently well concealed goons exploited recent Java and Internet Explorer zero-days to compromise the website of the French-based, free-press advocacy group, Reporters Without Borders. The attack, which attempted to take advantage of the time-gulf that...