Lucene search
+L

5 matches found

The Hacker News
The Hacker News
added 2026/05/20 12:51 p.m.22 views

Webworm Deploys EchoCreep and GraphWorm Backdoors Using Discord and MS Graph API

Cybersecurity researchers have flagged fresh activity from a China-aligned threat actor known as Webworm in 2025, deploying custom backdoors that employ Discord and Microsoft Graph API for command-and-control C2 or C&C communications. Webworm, first publicly documented by Broadcom-owned Symantec ...

5.9AI score
Exploits0
The Hacker News
The Hacker News
added 2024/11/07 9:40 a.m.29 views

China-Aligned MirrorFace Hackers Target EU Diplomats with World Expo 2025 Bait

The China-aligned threat actor known as MirrorFace has been observed targeting a diplomatic organization in the European Union, marking the first time the hacking crew has targeted an entity in the region. "During this attack, the threat actor used as a lure the upcoming World Expo, which will be...

9.8CVSS9.8AI score0.85689EPSS
Exploits10
The Hacker News
The Hacker News
added 2023/09/19 11:10 a.m.49 views

Earth Lusca's New SprySOCKS Linux Backdoor Targets Government Entities

The China-linked threat actor known as Earth Lusca has been observed targeting government entities using a never-before-seen Linux backdoor called SprySOCKS. Earth Lusca was first documented by Trend Micro in January 2022, detailing the adversary's attacks against public and private sector entiti...

10CVSS8.8AI score0.99986EPSS
Exploits89
The Hacker News
The Hacker News
added 2023/08/01 9:57 a.m.39 views

Researchers Expose Space Pirates' Cyber Campaign Across Russia and Serbia

The threat actor known as Space Pirates has been linked to attacks against at least 16 organizations in Russia and Serbia over the past year by employing novel tactics and adding new cyber weapons to its arsenal. "The cybercriminals' main goals are still espionage and theft of confidential...

7.1AI score
Exploits0
The Hacker News
The Hacker News
added 2022/09/15 10:14 a.m.33 views

Webworm Hackers Using Modified RATs in Latest Cyber Espionage Attacks

A threat actor tracked under the moniker Webworm is taking advantage of bespoke variants of already existing Windows-based remote access trojans to fly under the radar, some of which are said to be in pre-deployment or testing phases. "The group has developed customized versions of three older...

1.9AI score
Exploits0
Rows per page
Query Builder