Lucene search
K

20 matches found

HackRead
HackRead
added 2025/10/30 11:52 a.m.4 views

Russian Hackers Exploit Adaptix Pentesting Tool in Ransomware Attacks

Silent Push wars of Russian hackers exploiting Adaptix, a pentesting tool built for Windows, Linux, and macOS, in ransomware campaigns...

7AI score
Exploits0
Rapid7 Blog
Rapid7 Blog
added 2025/10/16 1:0 p.m.6 views

When the Call Comes from Inside: The Rising Threat of Insider Recruitment in Ransomware Campaigns

In cybersecurity, we often say that attackers only need to be right once – and defenders need to be right every time. Traditionally, we’ve focused on perimeter breaches, phishing campaigns, and zero-day exploits. But increasingly, attackers are bypassing these hardened defenses and taking a...

7.1AI score
Exploits0
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2023-35425

Malicious code in bioql PyPI...

7.8CVSS7.6AI score0.00452EPSS
Exploits1References2
The Hacker News
The Hacker News
added 2025/08/26 10:45 a.m.3 views

ShadowCaptcha Exploits WordPress Sites to Spread Ransomware, Info Stealers, and Crypto Miners

A new large-scale campaign has been observed exploiting over 100 compromised WordPress sites to direct site visitors to fake CAPTCHA verification pages that employ the ClickFix social engineering tactic to deliver information stealers, ransomware, and cryptocurrency miners. The large-scale...

7.7AI score
Exploits0
Malwarebytes
Malwarebytes
added 2025/06/05 11:29 a.m.27 views

Ransomware hiding in fake AI, business tools

Artificial intelligence AI and small business tools are being abused as smokescreens to hit unsuspecting victims with ransomware. In the masquerade campaigns discovered by Cisco Talos, cybercriminals hid malware behind software and install packages that mimicked the websites or names of the lead...

7.3AI score
Exploits0
Microsoft Secure
Microsoft Secure
added 2025/05/21 4:0 p.m.28 views

Lumma Stealer: Breaking down the delivery techniques and capabilities of a prolific infostealer

Over the past year, Microsoft observed the persistent growth and operational sophistication of Lumma Stealer, an infostealer malware used by multiple financially motivated threat actors to target various industries. Our investigation into Lumma Stealer’s distribution infrastructure reveals a...

7.9AI score
Exploits0
Metasploit
Metasploit
added 2024/12/05 6:56 p.m.516 views

CyberPanel Multi CVE Pre-auth RCE

This module exploits three separate unauthenticated Remote Code Execution vulnerabilities in CyberPanel: - CVE-2024-51567: Command injection vulnerability in the "upgrademysqlstatus" endpoint. - CVE-2024-51568: Command Injection via the "completePath" parameter in the "outputExecutioner" sink. -...

10CVSS8.3AI score0.94798EPSS
Exploits14
Rapid7 Blog
Rapid7 Blog
added 2024/07/30 12:28 a.m.5 views

VMware ESXi CVE-2024-37085 Targeted in Ransomware Campaigns

On Monday, July 29, Microsoft published an extensive threat intelligence blog on observed exploitation of CVE-2024-37085, an Active Directory integration authentication bypass vulnerability affecting Broadcom VMware ESXi hypervisors. The vulnerability, according to Redmond, was identified in...

7.2CVSS8.2AI score0.2677EPSS
Exploits0
The Hacker News
The Hacker News
added 2024/05/11 7:29 a.m.16 views

FIN7 Hacker Group Leverages Malicious Google Ads to Deliver NetSupport RAT

The financially motivated threat actor known as FIN7 has been observed leveraging malicious Google ads spoofing legitimate brands as a means to deliver MSIX installers that culminate in the deployment of NetSupport RAT. "The threat actors used malicious websites to impersonate well-known brands,...

7.5AI score
Exploits0
CISA
CISA
added 2023/10/12 12:0 p.m.6 views

CISA Releases New Resources Identifying Known Exploited Vulnerabilities and Misconfigurations Linked to Ransomware

Today, as part of the Ransomware Vulnerability Warning Pilot RVWP, CISA launched two new resources for combating ransomware campaigns: A “Known to be Used in Ransomware Campaigns” column in the KEV Catalog that identifies KEVs associated with ransomware campaigns. A “Misconfigurations and...

7AI score
Exploits0References7
Cvelist
Cvelist
added 2023/10/10 12:0 a.m.32 views

CVE-2023-31096

An issue was discovered in Broadcom LSI PCI-SV92EX Soft Modem Kernel Driver through 2.2.100.1 aka AGRSM64.sys. There is Local Privilege Escalation to SYSTEM via a Stack Overflow in RTLCopyMemory IOCTL 0x1b2150. An attacker can exploit this to elevate privileges from a medium-integrity process to...

7.9AI score0.00452EPSS
Exploits1References2
The Hacker News
The Hacker News
added 2023/02/07 11:2 a.m.39 views

Linux Variant of Clop Ransomware Spotted, But Uses Faulty Encryption Algorithm

The first-ever Linux variant of the Clop ransomware has been detected in the wild, but with a faulty encryption algorithm that has made it possible to reverse engineer the process. "The ELF executable contains a flawed encryption algorithm making it possible to decrypt locked files without paying...

1.2AI score
Exploits0
CNNVD
CNNVD
added 2022/09/08 12:0 a.m.5 views

QNAP Systems Photo Station 安全漏洞

QNAP Systems Photo Station is an online photo album from QNAP Systems. It is used to organize multimedia content photos and videos on Qnap Nas. A security vulnerability in QNAP Systems Photo Station can be exploited by an attacker to execute DeadBolt ransomware campaigns affecting the following...

10CVSS8.3AI score0.87908EPSS
Exploits0References3
Microsoft Secure
Microsoft Secure
added 2022/09/07 9:0 p.m.132 views

Profiling DEV-0270: PHOSPHORUS’ ransomware operations

Microsoft threat intelligence teams have been tracking multiple ransomware campaigns and have tied these attacks to DEV-0270, also known as Nemesis Kitten, a sub-group of Iranian actor PHOSPHORUS. Microsoft assesses with moderate confidence that DEV-0270 conducts malicious network operations,...

9.3CVSS0.7AI score0.99999EPSS
Exploits436
ThreatPost
ThreatPost
added 2020/06/29 9:3 p.m.37 views

REvil Ransomware Gang Adds Auction Feature for Stolen Data

The REvil ransomware gang also known as Sodinokibi has added an auction feature to its underground website that allows anonymous bidding on information stolen in its targeted ransomware campaigns. The auction capability appeared at the beginning of June, according to an analysis from Cyberint. In...

7.3AI score
Exploits0References9
Trend Micro Simply Security
Trend Micro Simply Security
added 2019/08/09 2:5 p.m.49 views

This Week in Security News: Ransomware Campaigns and Cryptocurrency Miners

Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, learn about continuing cybersecurity attacks targeting small governments. Also, read how XDR, Trend Micro’s newest solution, is more...

7.9AI score
Exploits0
ThreatPost
ThreatPost
added 2019/05/23 8:24 p.m.103 views

Shade Ransomware Expands to U.S. Targets

Shade, a ransomware known to target Russian victims, has been spotted in several recent campaigns scoping out new locations – including in the U.S. and Japan. The ransomware, first spotted in late 2014 by Kaspersky Lab researchers, has been known for focusing on Russian victims – but more recent...

0.9AI score
Exploits0References6
The Hacker News
The Hacker News
added 2019/01/15 11:51 a.m.89 views

How to Secure Your Mid-Size Organization From the Next Cyber Attack

If you are responsible for the cybersecurity of a medium-sized company, you may assume your organization is too small to be targeted. Well, think again. While the major headlines tend to focus on large enterprises getting breached – such as Sony, Equifax, or Target the actual reality is that smal...

0.8AI score
Exploits0
ThreatPost
ThreatPost
added 2016/10/25 1:13 p.m.21 views

Following Lull, New Campaigns Pushing Retooled 'Pumpkin' Locky

New and increasingly diverse variants of ransomware are released weekly, but developers behind the Locky strain have managed to keep the malware fresh in the face of changing trends. Researchers with Cisco’s Talos Security Intelligence and Research Group said this week they observed three separat...

7.4AI score
Exploits0References9
ThreatPost
ThreatPost
added 2014/01/08 8:0 a.m.16 views

Blackhole Exploit Kit Successor Years Away

It should shock no one that a viable successor to the Blackhole exploit kit has yet to emerge in the criminal underground. It’s been less than three months since the arrest of its alleged creator Paunch sent cybercriminals reliant on the toolkit scrambling for a replacement. And like any profitab...

0.2AI score
Exploits0References5
Rows per page
Query Builder