Lucene search
K

6 matches found

The Hacker News
The Hacker News
added 2026/04/27 11:54 a.m.8 views

PhantomCore Exploits TrueConf Vulnerabilities to Breach Russian Networks

A pro-Ukrainian hacktivist group called PhantomCore has been attributed to attacks actively targeting servers running TrueConf video conferencing software in Russia since September 2025. That's according to a report published by Positive Technologies, which found the threat actors to be leveragin...

6.8AI score
Exploits0
The Hacker News
The Hacker News
added 2026/03/27 10:4 a.m.4 views

Bearlyfy Hits Russian Firms with Custom GenieLocker Ransomware

A pro-Ukrainian group called Bearlyfy has been attributed to more than 70 cyber attacks targeting Russian companies since it first surfaced in the threat landscape in January 2025, with recent attacks leveraging a custom Windows ransomware strain codenamed GenieLocker. "Bearlyfy also known as...

5.9AI score
Exploits0
The Hacker News
The Hacker News
added 2024/09/05 7:45 a.m.12 views

Malware Attackers Using MacroPack to Deliver Havoc, Brute Ratel, and PhantomCore

Threat actors are likely employing a tool designated for red teaming exercises to serve malware, according to new findings from Cisco Talos. The program in question is a payload generation framework called MacroPack, which is used to generate Office documents, Visual Basic scripts, Windows...

7.6AI score
Exploits0
The Hacker News
The Hacker News
added 2024/09/03 1:29 p.m.55 views

Hacktivists Exploits WinRAR Vulnerability in Attacks Against Russia and Belarus

A hacktivist group known as Head Mare has been linked to cyber attacks that exclusively target organizations located in Russia and Belarus. "Head Mare uses more up-to-date methods for obtaining initial access," Kaspersky said in a Monday analysis of the group's tactics and tools. "For instance, t...

7.8CVSS8.2AI score0.97798EPSS
Exploits49
Talos Blog
Talos Blog
added 2024/09/03 12:0 p.m.15 views

Threat actors using MacroPack to deploy Brute Ratel, Havoc and PhantomCore payloads

Cisco Talos recently discovered several related Microsoft Office documents uploaded to VirusTotal by various actors between May and July 2024 that were all generated by a version of a payload generator framework called "MacroPack." MacroPack is a framework designated for Red Team exercises, but w...

7.6AI score
Exploits0
Securelist
Securelist
added 2024/09/02 10:0 a.m.36 views

Head Mare: adventures of a unicorn in Russia and Belarus

Head Mare is a hacktivist group that first made itself known in 2023 on the social network X formerly Twitter1. In their public posts, the attackers reveal information about some of their victims, including organization names, internal documents stolen during attacks, and screenshots of desktops...

7.8CVSS8.4AI score0.97798EPSS
Exploits49
Rows per page
Query Builder