An attacker exploited a vulnerability in the batchupload.aspx and email_settings.aspx pages on the target server that allowed them to upload…
Widespread malware campaigns detected by side crawlers exploit vulnerabilities on multiple websites where the intrusion method remains under investigation, with…
The QSC Loader service DLL named "loader.dll" leverages two distinct methods to obtain the path to the Core module code.…
Cybercriminals are exploiting the recent critical LDAP vulnerabilities (CVE-2024-49112 and CVE-2024-49113) by distributing fake proof-of-concept exploits for CVE-2024-49113 (dubbed "LDAPNightmare"). …
Since 2013, the advanced persistent threat (APT) known as Kimsuky, which the North Korean government sponsors, has been actively conducting…
Researchers observed the Gayfemboy botnet in early 2024 as a basic Mirai variant. Still, the botnet rapidly evolved through iterative…
Gravy Analytics, a prominent player in location intelligence, has reportedly fallen victim to a significant cyberattack. Initial investigations suggest that…
The distinction between nation-state actors and organized cybercriminals is becoming increasingly blurred. Both groups now leverage similar tactics, techniques, and…
Attackers published 20 malicious npm packages impersonating legitimate Nomic Foundation and Hardhat plugins, where these packages, downloaded over 1,000 times,…
PLAYFULGHOST, a Gh0st RAT variant, leverages distinct traffic patterns and encryption, which spread via phishing emails and SEO poisoning of…