Sunday, April 6, 2025

Cyber Attack

5,000 WordPress Sites Hacked in New WP3.XYZ Malware Attack

Widespread malware campaigns detected by side crawlers exploit vulnerabilities on multiple websites where the intrusion method remains under investigation, with no common entry point...

QSC: Multi-Plugin Malware Framework Installs Backdoor on Windows

The QSC Loader service DLL named "loader.dll" leverages two distinct methods to obtain the path to the Core module code.It either extracts the...

Weaponized LDAP Exploit Deploys Information-Stealing Malware

Cybercriminals are exploiting the recent critical LDAP vulnerabilities (CVE-2024-49112 and CVE-2024-49113) by distributing fake proof-of-concept exploits for CVE-2024-49113 (dubbed "LDAPNightmare"). These malicious PoCs, often disguised...

Researchers Reveal Exploitation Techniques of North Korean Kimsuky APT Group

Since 2013, the advanced persistent threat (APT) known as Kimsuky, which the North Korean government sponsors, has been actively conducting cyber espionage operations. It employs...

Mirai Botnet Variant Exploits Zero-Day Vulnerabilities in Routers

Researchers observed the Gayfemboy botnet in early 2024 as a basic Mirai variant. Still, the botnet rapidly evolved through iterative development, including UPX polymorphic...

Gravy Analytics Hit by Cyberattack, Hackers Allegedly Stole data

Gravy Analytics, a prominent player in location intelligence, has reportedly fallen victim to a significant cyberattack. Initial investigations suggest that hackers have exfiltrated sensitive...

How Nation-State Actors and Organised Hackers Involving in Their Ways of Cyber Attacks

The distinction between nation-state actors and organized cybercriminals is becoming increasingly blurred.Both groups now leverage similar tactics, techniques, and procedures (TTP) in their...

Malicious npm Packages Stealing Developers’ Sensitive Data

Attackers published 20 malicious npm packages impersonating legitimate Nomic Foundation and Hardhat plugins, where these packages, downloaded over 1,000 times, compromised development environments and...