
153 matches found

The Hacker News
added 2026/03/26 11:7 a.m. | 7 views

Coruna iOS Kit Reuses 2023 Triangulation Exploit Code in Recent Mass Attacks

The kernel exploit for two security vulnerabilities used in the recently uncovered Apple iOS exploit kit known as Coruna is an updated version of the same exploit that was used in the Operation Triangulation campaign back in 2023, according to new findings from Kaspersky. "When Coruna was first...

7.8 CVSS | 7.3 AI score | 0.51517 EPSS
Exploits: 3

Trend Micro Simply Security
added 2026/01/22 12:0 a.m. | 5 views

Watering Hole Attack Targets EmEditor Users with Information-Stealing Malware

TrendAI™ Research provides a technical analysis of a compromised EmEditor installer used to deliver multistage malware that performs a range of malicious actions...

5.5 AI score
Exploits: 0

Securelist
added 2025/04/24 5:0 a.m. | 46 views

Operation SyncHole: Lazarus APT goes back to the well

We have been tracking the latest attack campaign by the Lazarus group since last November, as it targeted organizations in South Korea with a sophisticated combination of a watering hole strategy and vulnerability exploitation within South Korean software. The campaign, dubbed "Operation SyncHole...

7.5 AI score
Exploits: 0

The Hacker News
added 2024/12/11 6:2 p.m. | 11 views

Secret Blizzard Deploys Kazuar Backdoor in Ukraine Using Amadey Malware-as-a-Service

The Russian nation-state actor tracked as Secret Blizzard has been observed leveraging malware associated with other threat actors to deploy a known backdoor called Kazuar on target devices located in Ukraine. The new findings come from the Microsoft threat intelligence team, which said it observ...

6.9 AI score
Exploits: 0

The Hacker News
added 2024/09/26 10:43 a.m. | 11 views

Watering Hole Attack on Kurdish Sites Distributing Malicious APKs and Spyware

As many as 25 websites linked to the Kurdish minority have been compromised as part of a watering hole attack designed to harvest sensitive information for over a year and a half. French cybersecurity firm Sekoia, which disclosed details of the campaign dubbed SilentSelfie, described the intrusio...

7 AI score
Exploits: 0

The Hacker News
added 2024/08/29 3:59 p.m. | 52 views

Russian Hackers Exploit Safari and Chrome Flaws in High-Profile Cyberattack

Cybersecurity researchers have flagged multiple in-the-wild exploit campaigns that leveraged now-patched flaws in Apple Safari and Google Chrome browsers to infect mobile users with information-stealing malware. "These campaigns delivered n-day exploits for which patches were available, but would...

9.6 CVSS | 9.5 AI score | 0.29179 EPSS
Exploits: 6

Wired Threat Level
added 2024/08/29 2:17 p.m. | 14 views

Powerful Spyware Exploits Enable a New String of ‘Watering Hole’ Attacks

Suspected Russian hackers have compromised a series of websites to utilize sophisticated spyware exploits that are eerily similar to those created by NSO Group and Intellexa...

7.3 AI score
Exploits: 0

The Hacker News
added 2024/07/24 9:43 a.m. | 21 views

Patchwork Hackers Target Bhutan with Advanced Brute Ratel C4 Tool

The threat actor known as Patchwork has been linked to a cyber attack targeting entities with ties to Bhutan to deliver the Brute Ratel C4 framework and an updated version of a backdoor called PGoShell. The development marks the first time the adversary has been observed using the red teaming...

7.7 AI score
Exploits: 0

hivepro
added 2024/03/12 6:27 a.m. | 26 views

Evasive Panda China-Linked Cyberespionage Targeting Tibetans

Summary: Evasive Panda, a threat actor associated with China, has masterminded an intricate cyberespionage campaign targeting Tibetan users since at least September 2023. This operation employs both watering hole and supply chain attacks to achieve its objectives. Threat Level - Red | Attack Repo...

7.2 AI score
Exploits: 0

The Hacker News
added 2024/03/07 1:22 p.m. | 25 views

Chinese State Hackers Target Tibetans with Supply Chain, Watering Hole Attacks

The China-linked threat actor known as Evasive Panda orchestrated both watering hole and supply chain attacks targeting Tibetan users at least since September 2023. The end goal of the attacks is to deliver malicious downloaders for Windows and macOS that deploy a known backdoor called MgBot and ...

7.1 AI score
Exploits: 0

BDU FSTEC
added 2023/12/06 12:0 a.m. | 6 views

The vulnerability of the MagicLine 4 authentication software lies in the possibility of data being written outside of the buffer in memory. This allows a malicious actor to gain unauthorized access to protected information and carry out a “Watering Hole” attack.

The vulnerability of the MagicLine 4 authentication software is related to the execution of operations outside the buffer in memory. Exploiting this vulnerability can allow a remote attacker to gain unauthorized access to protected information and carry out a “Watering Hole” attack...

10 CVSS | 8.2 AI score | 0.00821 EPSS
Exploits: 0 | References: 5 | Affected Software: 1

The Hacker News
added 2023/11/10 7:11 a.m. | 52 views

Iran-Linked Imperial Kitten Cyber Group Targeting Middle East's Tech Sectors

A group with links to Iran targeted transportation, logistics, and technology sectors in the Middle East, including Israel, in October 2023 amid a surge in Iranian cyber activity since the onset of the Israel-Hamas war. The attacks have been attributed by CrowdStrike to a threat actor it tracks...

7.7 AI score
Exploits: 0

The Hacker News
added 2023/11/10 5:9 a.m. | 47 views

Stealthy Kamran Spyware Targeting Urdu-speaking Users in Gilgit-Baltistan

Urdu-speaking readers of a regional news website that caters to the Gilgit-Baltistan region have likely emerged as a target of a watering hole attack designed to deliver a previously undocumented Android spyware dubbed Kamran. The campaign, ESET has discovered, leverages Hunza News...

7 AI score
Exploits: 0

The Hacker News
added 2023/10/26 7:24 a.m. | 40 views

Iranian Group Tortoiseshell Launches New Wave of IMAPLoader Malware Attacks

The Iranian threat actor known as Tortoiseshell has been attributed to a new wave of watering hole attacks that are designed to deploy a malware dubbed IMAPLoader. "IMAPLoader is a .NET malware that has the ability to fingerprint victim systems using native Windows utilities and acts as a...

6.9 AI score
Exploits: 0

The Hacker News
added 2023/09/25 10:34 a.m. | 46 views

From Watering Hole to Spyware: EvilBamboo Targets Tibetans, Uyghurs, and Taiwanese

Tibetan, Uyghur, and Taiwanese individuals and organizations are the targets of a persistent campaign orchestrated by a threat actor codenamed EvilBamboo to gather sensitive information. "The attacker has created fake Tibetan websites, along with social media profiles, likely used to deploy...

6.7 AI score
Exploits: 0

The Hacker News
added 2023/09/19 11:10 a.m. | 47 views

Earth Lusca's New SprySOCKS Linux Backdoor Targets Government Entities

The China-linked threat actor known as Earth Lusca has been observed targeting government entities using a never-before-seen Linux backdoor called SprySOCKS. Earth Lusca was first documented by Trend Micro in January 2022, detailing the adversary's attacks against public and private sector entiti...

10 CVSS | 8.8 AI score | 0.99986 EPSS
Exploits: 89

The Hacker News
added 2023/05/24 1:49 p.m. | 35 views

Iranian Tortoiseshell Hackers Targeting Israeli Logistics Industry

At least eight websites associated with shipping, logistics, and financial services companies in Israel were targeted as part of a watering hole attack. Tel Aviv-based cybersecurity company ClearSky attributed the attacks with low confidence to an Iranian threat actor tracked as Tortoiseshell,...

6.8 AI score
Exploits: 0

The Hacker News
added 2023/05/24 1:49 p.m. | 4 views

Iranian Tortoiseshell Hackers Targeting Israeli Logistics Industry

At least eight websites associated with shipping, logistics, and financial services companies in Israel were targeted as part of a watering hole attack. Tel Aviv-based cybersecurity company ClearSky attributed the attacks with low confidence to an Iranian threat actor tracked as Tortoiseshell,...

6.7 AI score
Exploits: 0

The Hacker News
added 2023/05/23 1:56 p.m. | 43 views

North Korean Kimsuky Hackers Strike Again with Advanced Reconnaissance Malware

The North Korean advanced persistent threat (APT) group known as Kimsuky has been observed using a piece of custom malware called RandomQuery as part of a reconnaissance and information exfiltration operation. "Lately, Kimsuky has been consistently distributing custom malware as part of...

6.7 AI score
Exploits: 0

The Hacker News
added 2023/05/06 11:24 a.m. | 3 views

Dragon Breath APT Group Using Double-Clean-App Technique to Target Gambling Industry

An advanced persistent threat (APT) actor known as Dragon Breath has been observed adding new layers of complexity to its attacks by adopting a novel DLL side-loading mechanism. "The attack is based on a classic side-loading attack, consisting of a clean application, a malicious loader, and an...

6.6 AI score
Exploits: 0