Chinese APT is Targeting Air-Gapped Systems in Eastern Europe
Kaspersky researchers noted a new campaign by Chinese APT hackers targeting air-gapped systems of industrial organisations in Eastern Europe.
Hackers are reportedly using 15 implants...
Indian APT is Stealing Sensitive Data via a Fake Android Chat App
CYFIRMA researchers note an Indian APT group called Bahamut is infecting targets with a fake Android chat app - to steal sensitive data from...
CISA Warns of a New ‘Submarine’ Malware Targeting Barracuda ESG
CISA warns of a new backdoor malware called Submarine - targeting Barracuda Email Security Gateway for spying on federal agencies.
Barracuda revealed the threat actor...
CISA Warns of a Zero-Day Bug in Ivanti EPMM, Urges to Patch
CISA warns the US federal agencies of a critical zero-day bug in Ivanti's Endpoint Manager Mobile (EPMM) - that can let hackers access the...
Clop Ransomware Starts Leaking Stolen Data on the Surface Internet
Clop ransomware, the perpetrator behind the MOVEit Transfer supply chain attacks, is now leaking the stolen data on the surface internet.
Similar to BlackCat ransomware,...
WooCommerce Payments Plug-in on WordPress is Under Exploitation
A bug in WooCommerce's Payments plug-in is widely being exploited in the wild, despite a patch being available months ago, warns security researchers of...
PyLoose: A Fileless Malware Mining Cryptos From Cloud Workloads
Researchers at Wiz Security documented a novel malware called PyLoose, exploiting cloud workloads to mine Monero cryptocurrencies.
PyLoose is a fileless malware since it leaves...
CISA Urges Fed Agencies to Patch an Android GPU Bug
CISA updated its Known Exploited Vulnerabilities list today, adding the Arm's GPU flaw - affecting most Android devices!
This privilege escalation bug can let anyone...
Android Apps Stealing Sensitive Data Found in Google Play Store
Pradeo researchers discovered two apps in Google Play Store that were collecting excessive data from users' devices and transporting them to China.
The two apps...
Bug in ‘Ultimate Member’ Plugin Affect 200,000 WordPress Sites
Wordfence researchers note a zero-day bug in the Ultimate Member plug-in that affects 200,000 WordPress websites installed.
Though the concerned developers made a patch update...