166 matches found
GHSA-8MHJ-RFFC-RCVW
| creationtimestamp | type | source |
|---|---|---|
| 2026-04-03 17:25:37+00:00 | seen | Telegram/t4suql6I0-EgAbge55Y7fbPScZyJgFXRiuXCvL-XHGMk0Q... |
PT-2025-51095
🚨 Google Chrome Eighth Zero-Day Vulnerability CVE-2025-7499109 Advisory High Dec 13, 2025 Check out our Threat Intelligence Platform: https://t.co/QuwNtEgYh1 ThreatIntelligence CyberSecurity Innovation LLM https://t.co/yHTrc16kSs...
Evil Ant The Python-Powered Ransomware
Summary: Evil Ant Ransomware, a sophisticated Python-based malware compiled with PyInstaller, operates covertly by hiding its console window and executing tasks discreetly. It aims to gain access to critical system functions and encrypt secured files. Threat Level - Amber | Attack Report For a...
Critical SQL Injection Vulnerability Discovered in Atlassian Bamboo
Summary: Atlassian has released patches addressing several security vulnerabilities, including a significant critical issue impacting Bamboo Data Center and Server, identified as CVE-2024-1597. This flaw, leading to a SQL injection, poses a risk of unnecessary data exposure and potential data...
Operation PhantomBlu Deploys NetSupport RAT via OLE Template
Summary: Under the guise of Operation PhantomBlu, a new phishing campaign is aimed at American companies with the goal of deploying the remote access trojan NetSupport RAT. By utilising OLE template manipulation, the PhantomBlu operation presents a sophisticated exploitation technique. This...
The Evolution of DEEP#GOSU Attack Campaign by Kimsuky Group
Summary: A sophisticated multi-stage attack campaign, dubbed DEEP#GOSU, has been linked to the North Korean Kimsuky group. Using PowerShell and VBScript, the attackers leverage remote access trojan (RAT) software for full control over infected hosts, while employing legitimate services like Dropbox for comman...
Cisco IOS XR Flaws Enable Privilege Elevation and DoS Attacks
Summary: Three high-severity vulnerabilities have been discovered in the Cisco IOS XR software, posing risks of denial-of-service (DoS) attacks and elevation of privilege. These vulnerabilities are tracked as CVE-2024-20320, CVE-2024-20318, and CVE-2024-20327. Threat Level - Amber | Vulnerability...
Critical XSS Flaw Discovered in WP Statistics Impacting 600K Sites
Summary: A critical Cross-Site Scripting (XSS) vulnerability (CVE-2024-2194) in the WP Statistics plugin allows attackers to inject malicious code via the URL parameter. With over 600,000 installations, the flaw poses severe risks, enabling unauthorized script execution and potential data theft or sit...
Malware Concealed Within PDFs for Data Theft
Summary: In a recently observed campaign, an infostealer masquerading as the Adobe Reader installer was being distributed. The threat actor distributes the file in PDF format, luring people to download and execute it so that it can collect sensitive information. Threat Level - Amber | Attack Repo...
Microsoft’s March 2024 Patch Tuesday Addresses 60 Vulnerabilities
Summary: Microsoft’s March 2024 Patch Tuesday addresses 60 vulnerabilities, including two critical vulnerabilities, spanning various products like Office, Exchange Server, and Windows Kernel. Critical flaws in Windows Hyper-V (CVE-2024-21407 and CVE-2024-21408) require immediate attention to mitigat...
Critical Vulnerabilities Discovered in TeamCity, Enable Server Takeover
Summary: Two vulnerabilities, CVE-2024-27198 and CVE-2024-27199, have been discovered in the JetBrains TeamCity On-Premises software. Threat actors may attempt to take advantage of these vulnerabilities in order to breach and gain control of the impacted systems, leading to system compromise. Threat...
Xeno RAT Open-Source Trojan Sparks Alarm
Summary: The Xeno RAT, a remote access trojan (RAT) available on GitHub, has gained attention in the threat landscape due to its open-source nature. This C#-based malware is compatible with both Windows 10 and 11, specifically targeting consumers by presenting itself as disguised binaries that...
LockBit’s Resurgence After Operation Cronos
Summary: LockBit ransomware, previously known as "ABCD," remains a significant threat despite the recent takedown of its operations by global law enforcement. It reemerged within 4 days, and its affiliates were found exploiting vulnerabilities in ScreenConnect to install LockBit ransomware and...
Roundcube Webmail Faces Unrelenting Exploitation
Summary: The Roundcube email server vulnerability, identified as CVE-2023-43770 and previously mitigated in September 2023, is currently being actively exploited. This flaw enables attackers to gain access to restricted information, with potential repercussions including sensitive data theft, use...
Earth Preta’s DOPLUGS Leaves its Mark in Asia
Summary: The Chinese threat actor, Earth Preta, strategically targeted numerous Asian countries by employing a customized version of the PlugX backdoor known as DOPLUGS. This sophisticated threat was allegedly revealed during the SMUGX campaign in July 2023. Threat Level - Red | Attack Report For...
Kimsuky Exploits Legitimate Certificate to Disseminate TrollAgent
Summary: The Kimsuky group, backed by North Korea, used TrollAgent malware via a fake security program to target a Korean construction association’s website, stealing data and enabling remote control between December 2023 and January 2024. Threat Level - Amber | Attack Report For a detailed threat...
North-Korean Cyber-Espionage Operations Grapples Defense Sector
Summary: There is an ongoing cyber-espionage campaign, purportedly led by North Korean threat actors, specifically targeting the global defense industry. The primary objective of these attacks is to acquire data pertaining to advanced military technology, with the intention of assisting North...
Novel Smishing Kit Leverages Cloud Platform
Summary: SNS Sender, a malicious Python script that leverages AWS SNS for mass SMS spamming, presents a novel approach to cloud-based attack tools, particularly in the area of smishing. The ARDUINODAS threat actor is linked to the operation that uses this cloud capability to send out a lot of...
A Fresh Look at the Bumblebee’s Comeback Strategies
Summary: BumbleBee, a malicious loader discovered in March 2022, resurfaced in the cyber threat landscape on February 8, 2024, after a four-month hiatus. Unlike in previous campaigns, this attack chain diverges from conventional techniques. Threat Level - Amber | Attack Report For a detailed thre...
Critical Flaw in Zoom Windows Apps Allows Privilege Elevation
Summary: Zoom has addressed an input validation flaw (CVE-2024-24691) that renders the Zoom desktop and VDI clients, along with the Meeting SDK for Windows, vulnerable to privilege escalation on the target system via the network, even by an unauthenticated attacker. Threat Level - Red | Vulnerabili...