Lucene search
K

14 matches found

The Hacker News
The Hacker News
added 2025/12/03 5:46 p.m.8 views

Microsoft Silently Patches Windows LNK Flaw After Years of Active Exploitation

Microsoft has silently plugged a security flaw that has been exploited by several threat actors since 2017 as part of the company's November 2025 Patch Tuesday updates, according to ACROS Security's 0patch. The vulnerability in question is CVE-2025-9491 CVSS score: 7.8/7.0, which has been describ...

7.8CVSS7.5AI score0.63102EPSS
Exploits3
Trend Micro Simply Security
Trend Micro Simply Security
added 2025/03/18 12:0 a.m.31 views

ZDI-CAN-25373: Windows Shortcut Exploit Abused as Zero-Day in Widespread APT Campaigns

Trend Zero Day Initiative™ ZDI uncovered both state-sponsored and cybercriminal groups extensively exploiting ZDI-CAN-25373 aka ZDI-25-148, a Windows .lnk file vulnerability that enables hidden command execution...

7.6AI score
Exploits0
The Hacker News
The Hacker News
added 2024/09/11 12:7 p.m.13 views

Singapore Police Arrest Six Hackers Linked to Global Cybercrime Syndicate

The Singapore Police Force SPF has announced the arrest of five Chinese nationals and one Singaporean man for their alleged involvement in illicit cyber activities in the country. The development comes after a group of about 160 law enforcement officials conducted a series of raids on September 9...

6.6AI score
Exploits0
The Hacker News
The Hacker News
added 2024/06/26 10:13 a.m.76 views

Chinese and N. Korean Hackers Target Global Infrastructure with Ransomware

Threat actors with suspected ties to China and North Korea have been linked to ransomware and data encryption attacks targeting government and critical infrastructure sectors across the world between 2021 and 2023. While one cluster of activity has been associated with the ChamelGang aka CamoFei,...

7AI score
Exploits0
The Hacker News
The Hacker News
added 2024/02/07 5:5 a.m.56 views

Critical JetBrains TeamCity On-Premises Flaw Exposes Servers to Takeover - Patch Now

JetBrains is alerting customers of a critical security flaw in its TeamCity On-Premises continuous integration and continuous deployment CI/CD software that could be exploited by threat actors to take over susceptible instances. The vulnerability, tracked as CVE-2024-23917, carries a CVSS rating ...

9.8CVSS7.9AI score0.99979EPSS
Exploits17
hivepro
hivepro
added 2023/10/19 6:23 a.m.29 views

Multiple State-Sponsored Groups Exploit WinRAR Vulnerability in Phishing Attacks

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary A series of phishing attacks linked to a Russian state-sponsored group, leveraging a WinRAR vulnerability to steal data, including browser credentials via PowerShell commands and exfiltrating it through ...

7.4AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/05/18 2:0 p.m.20 views

APT attacks: Exploring Advanced Persistent Threats and their evasive techniques

Cyber criminals come in all shapes and sizes. On one end of the spectrum, theres the script kiddie or inexperienced ransomware gang looking to make a quick buck. On the other end are state-sponsored groups using far more sophisticated tactics--often with long-term, strategic goals in mind. Advanc...

7.6AI score
Exploits0
The Hacker News
The Hacker News
added 2023/03/21 9:54 a.m.256 views

From Ransomware to Cyber Espionage: 55 Zero-Day Vulnerabilities Weaponized in 2022

As many as 55 zero-day vulnerabilities were exploited in the wild in 2022, with most of the flaws discovered in software from Microsoft, Google, and Apple. While this figure represents a decrease from the year before, when a staggering 81 zero-days were weaponized, it still represents a significa...

9.8CVSS8.7AI score0.99999EPSS
Exploits179
Securelist
Securelist
added 2022/11/22 8:0 a.m.21 views

Crimeware and financial cyberthreats in 2023

A look back on the year 2022 and what to expect in 2023 Every year, as part of the Kaspersky Security Bulletin, we predict which major trends will be followed in the coming year by attackers, who target financial organizations. The predictions, based on our extensive experience, help individuals...

0.7AI score
Exploits0
The Hacker News
The Hacker News
added 2022/11/05 6:0 a.m.261 views

Microsoft Warns of Uptick in Hackers Leveraging Publicly-Disclosed 0-Day Vulnerabilities

Microsoft is warning of an uptick among nation-state and criminal actors increasingly leveraging publicly-disclosed zero-day vulnerabilities for breaching target environments. The tech giant, in its 114-page Digital Defense Report, said it has "observed a reduction in the time between the...

10CVSS0.4AI score0.99999EPSS
Exploits101
The Hacker News
The Hacker News
added 2022/06/08 8:20 a.m.35 views

U.S. Agencies Warn About Chinese Hackers Targeting Telecoms and Network Service Providers

U.S. cybersecurity and intelligence agencies have warned about China-based state-sponsored cyber actors leveraging network vulnerabilities to exploit public and private sector organizations since at least 2020. The widespread intrusion campaigns aim to exploit publicly identified security flaws i...

0.4AI score
Exploits0
The Hacker News
The Hacker News
added 2021/03/01 10:11 a.m.68 views

Chinese Hackers Targeted India's Power Grid Amid Geopolitical Tensions

Amid heightened border tensions between India and China, cybersecurity researchers have revealed a concerted campaign against India's critical infrastructure, including the nation's power grid, from Chinese state-sponsored groups. The attacks, which coincided with the standoff between the two...

0.6AI score
Exploits0
ThreatPost
ThreatPost
added 2013/04/09 2:7 p.m.12 views

Air Force Classifies Some Cybersecurity Tools as Weapons

The United States government for years has been developing and deploying offensive cyber capabilities, most of it done without much in the way of public notice. That’s been changing of late, as government and military officials have become more open in discussing these capabilities and under what...

0.2AI score
Exploits0References2
ThreatPost
ThreatPost
added 2012/10/24 12:0 a.m.10 views

Verizon DBIR Analysis: Insiders Often Complicit in Breaches of Intellectual Property

Verizon has further dissected breach data from its annual Data Breach Investigations Report DBIR and built a profile of intellectual property theft that points to a disturbing combination of factors leading to successful infiltrations by cybercriminals, competitors, hacktivists and nation-state...

1.4AI score
Exploits0References3
Rows per page
Query Builder