Lucene search
+L

14 matches found

The Hacker News
The Hacker News
added 2026/06/05 12:33 p.m.28 views

New Threat Cluster OP-512 Targets Microsoft IIS Servers with Custom Web Shell Framework

Cybersecurity researchers have discovered a previously unreported threat cluster dubbed OP-512 where "OP" stands for "opponent" that has been observed targeting Microsoft Internet Information Services IIS servers to deploy a bespoke web shell framework. ReliaQuest has assessed with moderate to hi...

6AI score
Exploits0
The Hacker News
The Hacker News
added 2026/04/02 7:30 p.m.18 views

Hackers Exploit CVE-2025-55182 to Breach 766 Next.js Hosts, Steal Credentials

A large-scale credential harvesting operation has been observed exploiting the React2Shell vulnerability as an initial infection vector to steal database credentials, SSH private keys, Amazon Web Services AWS secrets, shell command history, Stripe API keys, and GitHub tokens at scale. Cisco Talos...

10CVSS7.2AI score0.99562EPSS
Exploits376
The Hacker News
The Hacker News
added 2026/02/18 10:32 a.m.13 views

Dell RecoverPoint for VMs Zero-Day CVE-2026-22769 Exploited Since Mid-2024

A maximum severity security vulnerability in Dell RecoverPoint for Virtual Machines has been exploited as a zero-day by a suspected China-nexus threat cluster dubbed UNC6201 since mid-2024, according to a new report from Google Mandiant and Google Threat Intelligence Group GTIG. The activity...

10CVSS7.5AI score0.13122EPSS
Exploits1
The Hacker News
The Hacker News
added 2025/09/03 3:53 a.m.10 views

Salesloft Takes Drift Offline After OAuth Token Theft Hits Hundreds of Organizations

Salesloft on Tuesday announced that it's taking Drift temporarily offline "in the very near future," as multiple companies have been ensnared in a far-reaching supply chain attack spree targeting the marketing software-as-a-service product, resulting in the mass theft of authentication tokens...

6.8AI score
Exploits0
The Hacker News
The Hacker News
added 2025/08/15 4:20 p.m.12 views

Taiwan Web Servers Breached by UAT-7237 Using Customized Open-Source Hacking Tools

A Chinese-speaking advanced persistent threat APT actor has been observed targeting web infrastructure entities in Taiwan using customized versions of open-sourced tools with an aim to establish long-term access within high-value victim environments. The activity has been attributed by Cisco Talo...

7.7AI score
Exploits0
The Hacker News
The Hacker News
added 2025/06/09 3:23 p.m.22 views

Over 70 Organizations Across Multiple Sectors Targeted by China-Linked Cyber Espionage Group

The reconnaissance activity targeting American cybersecurity company SentinelOne was part of a broader set of partially-related intrusions into several targets between July 2024 and March 2025. "The victimology includes a South Asian government entity, a European media organization, and more than...

9.4CVSS8.7AI score0.98557EPSS
Exploits3
The Hacker News
The Hacker News
added 2025/06/04 3:24 p.m.18 views

Google Exposes Vishing Group UNC6040 Targeting Salesforce with Fake Data Loader App

Google has disclosed details of a financially motivated threat cluster that it said "specializes" in voice phishing aka vishing campaigns designed to breach organizations' Salesforce instances for large-scale data theft and subsequent extortion. The tech giant's threat intelligence team is tracki...

7.2AI score
Exploits0
The Hacker News
The Hacker News
added 2025/04/04 4:54 a.m.15 views

CERT-UA Reports Cyberattacks Targeting Ukrainian State Systems with WRECKSTEEL Malware

The Computer Emergency Response Team of Ukraine CERT-UA has revealed that no less than three cyber attacks were recorded against state administration bodies and critical infrastructure facilities in the country with an aim to steal sensitive data. The campaign, the agency said, involved the use o...

7.3AI score
Exploits0
Trend Micro Simply Security
Trend Micro Simply Security
added 2024/09/06 12:0 a.m.20 views

TIDRONE Targets Military and Satellite Industries in Taiwan

Our research reveals that an unidentified threat cluster we named TIDRONE have shown significant interest in military-related industry chains, particularly in the manufacturers of drones...

7.3AI score
Exploits0
The Hacker News
The Hacker News
added 2024/06/15 9:51 a.m.38 views

Grandoreiro Banking Trojan Hits Brazil as Smishing Scams Surge in Pakistan

Pakistan has become the latest target of a threat actor called the Smishing Triad, marking the first expansion of its footprint beyond the E.U., Saudi Arabia, the U.A.E., and the U.S. "The group's latest tactic involves sending malicious messages on behalf of Pakistan Post to customers of mobile...

7AI score
Exploits0
Rapid7 Blog
Rapid7 Blog
added 2023/06/14 7:10 p.m.61 views

CVE-2023-34362: MOVEit Vulnerability Timeline of Events

The following article was written by Drew Burton and Cynthia Wyre. Rapid7 continues to track the impact of CVE-2023-34362, a critical zero-day vulnerability in Progress Software’s MOVEit Transfer solution. CVE-2023-34362 allows for SQL injection, which can result in unauthorized access to sensiti...

7.5CVSS9.8AI score0.99934EPSS
Exploits15
The Hacker News
The Hacker News
added 2022/11/23 9:28 a.m.123 views

Hackers Exploiting Abandoned Boa Web Servers to Target Critical Industries

Microsoft on Tuesday disclosed the intrusion activity aimed at Indian power grid entities earlier this year likely involved the exploitation of security flaws in a now-discontinued web server called Boa. The tech behemoth's cybersecurity division said the vulnerable component poses a "supply chai...

7.8CVSS1.1AI score0.68243EPSS
Exploits8
The Hacker News
The Hacker News
added 2022/04/18 6:0 a.m.88 views

New Hacking Campaign Targeting Ukrainian Government with IcedID Malware

The Computer Emergency Response Team of Ukraine CERT-UA has warned of a new wave of social engineering campaigns delivering IcedID malware and leveraging Zimbra exploits with the goal of stealing sensitive information. Attributing the IcedID phishing attacks to a threat cluster named UAC-0041, th...

6.1CVSS0.1AI score0.23717EPSS
Exploits2
The Hacker News
The Hacker News
added 2022/01/16 9:6 a.m.27 views

A New Destructive Malware Targeting Ukrainian Government and Business Entities

Cybersecurity teams from Microsoft on Saturday disclosed they identified evidence of a new destructive malware operation dubbed "WhisperGate" targeting government, non-profit, and information technology entities in Ukraine amid brewing geopolitical tensions between the country and Russia. "The...

0.5AI score
Exploits0
Rows per page
Query Builder