Lucene search
K

9 matches found

The Hacker News
The Hacker News
added 2025/08/18 4:3 p.m.17 views

Microsoft Windows Vulnerability Exploited to Deploy PipeMagic RansomExx Malware

Cybersecurity researchers have lifted the lid on the threat actors' exploitation of a now-patched security flaw in Microsoft Windows to deploy the PipeMagic malware in RansomExx ransomware attacks. The attacks involve the exploitation of CVE-2025-29824, a privilege escalation vulnerability...

9.3CVSS8.9AI score0.9923EPSS
Exploits59
Securelist
Securelist
added 2025/08/18 9:0 a.m.14 views

Evolution of the PipeMagic backdoor: from the RansomExx incident to CVE-2025-29824

In April 2025, Microsoft patched 121 vulnerabilities in its products. According to the company, only one of them was being used in real-world attacks at the time the patch was released: CVE-2025-29824. The exploit for this vulnerability was executed by the PipeMagic malware, which we first...

9.3CVSS8.7AI score0.9923EPSS
Exploits59
The Hacker News
The Hacker News
added 2025/05/14 5:50 p.m.37 views

BianLian and RansomExx Exploit SAP NetWeaver Flaw to Deploy PipeMagic Trojan

At least two different cybercrime groups BianLian and RansomExx are said to have exploited a recently disclosed security flaw in SAP NetWeaver tracked as CVE-2025-31324, indicating that multiple threat actors are taking advantage of the bug. Cybersecurity firm ReliaQuest, in a new update publishe...

10CVSS9.4AI score0.99359EPSS
Exploits23
The Hacker News
The Hacker News
added 2024/08/20 4:53 a.m.61 views

CISA Warns of Critical Jenkins Vulnerability Exploited in Ransomware Attacks

The U.S. Cybersecurity and Infrastructure Security Agency CISA has added a critical security flaw impacting Jenkins to its Known Exploited Vulnerabilities KEV catalog, following its exploitation in ransomware attacks. The vulnerability, tracked as CVE-2024-23897 CVSS score: 9.8, is a path travers...

9.8CVSS9.9AI score0.99999EPSS
Exploits46
hivepro
hivepro
added 2022/11/25 12:35 p.m.11 views

A new RansomExx ransomware strain revised in Rust

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary RansomExx is a ransomware variant that operates on a ransomware-as-a-service RaaS model and has been active since it first appeared in 2018 as Defray777. The latest version, dubbed RansomExx2 by threat...

4.2AI score
Exploits0
Rapid7 Blog
Rapid7 Blog
added 2022/07/27 6:0 p.m.27 views

To Maze and Beyond: How the Ransomware Double Extortion Space Has Evolved

We're here with the final installment in our Pain Points: Ransomware Data Disclosure Trends report blog series, and today we're looking at a unique aspect of the report that clarifies not just what ransomware actors choose to disclose, but who discloses what, and how the ransomware landscape has...

0.5AI score
Exploits0
Malwarebytes
Malwarebytes
added 2021/12/23 10:12 a.m.31 views

Logistics giant warns of scams following ransomware attack

German logistics giant Hellmann Worldwide Logistics has issued a warning that data was stolen from the company when it was hit with a ransomware attack on December 9, 2021. It is not entirely clear what type of data was extracted, but the company says it is warning partners and customers to doubl...

7AI score
Exploits0
ThreatPost
ThreatPost
added 2020/12/07 2:18 p.m.40 views

RansomExx Ransomware Gang Dumps Stolen Embraer Data: Report

Hackers have dumped sensitive company data that was stolen during a ransomware attack last month on aircraft manufacturer Embraer. The compromised data appeared on a new dark web site created to publish leaked information, according to a published report. The move appears to be a revenge for the...

Exploits0References14
Securelist
Securelist
added 2020/11/06 3:23 p.m.28 views

RansomEXX Trojan attacks Linux systems

We recently discovered a new file-encrypting Trojan built as an ELF executable and intended to encrypt data on machines controlled by Linux-based operating systems. After the initial analysis we noticed similarities in the code of the Trojan, the text of the ransom notes and the general approach ...

Exploits0
Rows per page
Query Builder