Cyber Attack
ConnectWise to Update Code Signing Certificates for ScreenConnect, Automate, and RMM
ConnectWise, a leading provider of remote management and cyber protection tools for managed service providers (MSPs), is set to implement a significant security update affecting ScreenConnect, ConnectWise Automate, and...
Cyber Attack
Bitter Malware Employs Custom-Built Tools to Evade Detection in Advanced Attacks
In a recent research by Proofpoint and Threatray has unveiled the intricate and evolving malware arsenal of the Bitter group, also known as TA397,...
Cyber Attack
Google Warns of Surge in Cyberattacks Targeting US Users to Steal Login Credentials
Google has highlighted a significant uptick in cyberattacks and scams targeting US consumers, with a particular focus on stealing login credentials.
The FBI reports that...
APT
APT41 Hackers Leverage Google Calendar for Malware C2 in Attacks on Government Entities
The Chinese state-sponsored threat actor APT41, also known as BARIUM, Wicked Panda, and Brass Typhoon, has been reported to exploit Google Calendar as a...
Cyber Attack
Beware for Developers: 16 React Native Packages with Millions of Downloads Compromised Overnight
Cybersecurity researchers have uncovered a large-scale attack targeting the npm ecosystem, compromising 16 popular React Native packages with a combined download count exceeding one...
Cyber Attack
Malicious npm Utility Packages Enable Attackers to Wipe Production Systems
Socket's Threat Research Team has uncovered two malicious npm packages, express-api-sync and system-health-sync-api, designed to masquerade as legitimate utilities while embedding destructive backdoors capable...
Cyber Attack
Kimsuky Strikes Again – Coordinated Attacks Target Facebook, Email, and Telegram
A recent investigation by Genians Security Center (GSC) has uncovered a highly sophisticated, multi-channel cyber espionage campaign attributed to the North Korea-aligned advanced persistent...
Cyber Attack
ClickFix Attack Uses Fake Cloudflare Verification to Silently Deploy Malware
A newly identified social engineering attack dubbed "ClickFix" has emerged as a significant threat, leveraging meticulously crafted fake Cloudflare verification pages to trick users...
APT
Scattered Spider Hackers Target Tech Company Help-Desk Administrators
A newly identified wave of cyberattacks by the notorious Scattered Spider hacking group has zeroed in on help-desk administrators at major technology companies, leveraging...
Cyber Attack
Paste.ee Turned Cyber Weapon: XWorm and AsyncRAT Delivered by Malicious Actors
The widespread text-sharing website Paste.ee has been used as a weapon by bad actors to spread powerful malware strains like XWorm and AsyncRAT, which...
APT
Iranian APT ‘BladedFeline’ Remains Hidden in Networks for 8 Years
ESET researchers have uncovered the persistent activities of BladedFeline, an Iranian-aligned Advanced Persistent Threat (APT) group, which has maintained covert access to the networks...