Microsoft Teams Flaw in Guest Chat Exposes Users to Malware Attacks
New research from Ontinue exposes a major security flaw in Microsoft Teams B2B Guest Access. Learn how attackers bypass all Defender for Office 365 protections with a single invite...
MAL-2025-88033 Malicious code in lutfi-kue34-miaww (npm)
Source: amazon-inspector 660a10a80538070d5265385cbe071611ca82870978da13571eb911190d1151d1 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2017-3194
Malware in sbrugna...
EUVD-2009-1835
Malware in sbrugna...
Discord CDN Link Abused to Deliver RAT Disguised as OneDrive File
Hackers are installing multiple RMMs like Atera and Splashtop in a new malware attack. This article details the abuse of a Discord CDN link and a fake OneDrive phishing campaign discovered by Sublime Security...
Fake Gaming and AI Firms Push Malware on Cryptocurrency Users via Telegram and Discord
Cryptocurrency users are the target of an ongoing social engineering campaign that employs fake startup companies to trick users into downloading malware that can drain digital assets from both Windows and macOS systems. "These malicious operations impersonate AI, gaming, and Web3 firms using...
SK Telecom Uncovers Two-Year Malware Attack, Leaking 26M IMSI Records
SK Telecom reveals malware intrusion that remained hidden for nearly two years, led to the leaking of 26.69…...
New SEO Poisoning Campaign Targeting IT Admins With Malware
Varonis reveals attackers are using SEO poisoning to trick IT admins into downloading malware, alongside a critical root…...
DarkWatchman, Sheriff Malware Hit Russia and Ukraine with Stealth and Nation-Grade Tactics
Russian companies have been targeted as part of a large-scale phishing campaign that's designed to deliver a known malware called DarkWatchman. Targets of the attacks include entities in the media, tourism, finance and insurance, manufacturing, retail, energy, telecom, transport, and biotechnolog...
New npm Malware Attack Infects Popular Ethereum Library with Backdoor
Security researchers at ReversingLabs have discovered a new malware campaign on the npm package repository, revealing a new…...
CVE-2024-20408
A vulnerability in the Dynamic Access Policies (DAP) feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker to cause an affected device to reload unexpectedly. To exploit this vulnerability, an attacker...
TeamTNT Exploits 16 Million IPs in Malware Attack on Docker Clusters
This article details a new campaign by TeamTNT, a notorious hacking group, leveraging exposed Docker daemons to deploy…...
PT-2024-10268
Name of the Vulnerable Software and Affected Versions: 7-Zip versions prior to 24.09. Description: This vulnerability allows remote attackers to bypass the Mark-of-the-Web protection mechanism on affected installations of 7-Zip. User interaction is required to exploit this vulnerability, as the targ...
Web Application using Malicious polyfill.io CDN (HTTP)
This script reports if a web page of the remote host is integrating JavaScript (.js) files hosted on the malicious polyfill.io CDN or any affiliated domain provided by the same new owner. SPDX-FileCopyrightText: 2024 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s),...
Fujitsu Scrambles After Malware Attack: Customer Data Potentially Breached
By Deeba Ahmed. While Fujitsu did not disclose in-depth details, the company confirmed investigating a cyberattack that may have led to a data breach. This is a post from HackRead.com. Read the original post: Fujitsu Scrambles After Malware Attack: Customer Data Potentially Breached...
Ukrainian Hacker Suspected to be Behind "Free Download Manager" Malware Attack
The maintainers of Free Download Manager (FDM) have acknowledged a security incident dating back to 2020 that led to its website being used to distribute malicious Linux software. "It appears that a specific web page on our site was compromised by a Ukrainian hacker group, exploiting it to distribu...
Modern Warfare 2 Servers Were Offline Amid Malware Attack
By Deeba Ahmed. The servers for classic games like Modern Warfare 2, Modern Warfare 3, and Call of Duty Black Ops 1 and 2 were recently brought back online by Activision due to increasing demand from gamers. This is a post from HackRead.com. Read the original post: Modern Warfare 2 Servers Were...
Malware Attack on CircleCI Engineer's Laptop Leads to Recent Security Incident
DevOps platform CircleCI on Friday disclosed that unidentified threat actors compromised an employee's laptop and leveraged malware to steal their two-factor authentication-backed credentials to breach the company's systems and data last month. The CI/CD service CircleCI said the "sophisticated...
New Chinese Malware Attack Framework Targets Windows, macOS, and Linux Systems
A previously undocumented command-and-control (C2) framework dubbed Alchimist is likely being used in the wild to target Windows, macOS, and Linux systems. "Alchimist C2 has a web interface written in Simplified Chinese and can generate a configured payload, establish remote sessions, deploy payloa...
Hackers Target Ukrainian Software Company Using GoMet Backdoor
A large software development company whose software is used by different state entities in Ukraine was at the receiving end of an "uncommon" piece of malware, new research has found. The malware, first observed on the morning of May 19, 2022, is a custom variant of the open source backdoor known ...