Malware & Threats

Spyware Caught Masquerading as Israeli Rocket Alert Applications

Hamas, Israel, Malware & Threats, spyware /

Spyware Caught Masquerading as Israeli Rocket Alert Applications 16/10/2023 at 13:32 By Ionut Arghire A threat actor targets Israelis with spyware masquerading as an Android application for receiving rocket alerts. The post Spyware Caught Masquerading as Israeli Rocket Alert Applications appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original […]

React to this headline:

Loading spinner

Spyware Caught Masquerading as Israeli Rocket Alert Applications Read More »

SEC Investigating Progress Software Over MOVEit Hack

Data Breaches, Malware & Threats, MOVEit, Progress Software, Ransomware, SEC, Vulnerabilities, WS_FTP /

SEC Investigating Progress Software Over MOVEit Hack 12/10/2023 at 20:16 By Ionut Arghire Progress Software confirms the SEC has launched its own investigation into costly ransomware zero-days in the MOVEit file transfer software. The post SEC Investigating Progress Software Over MOVEit Hack appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed

React to this headline:

Loading spinner

SEC Investigating Progress Software Over MOVEit Hack Read More »

Backdoor Malware Found on WordPress Website Disguised as Legitimate Plugin

backdoor, Malware & Threats, WordPress /

Backdoor Malware Found on WordPress Website Disguised as Legitimate Plugin 12/10/2023 at 17:50 By Ionut Arghire A backdoor deployed on a compromised WordPress website poses as a legitimate plugin to hide its presence. The post Backdoor Malware Found on WordPress Website Disguised as Legitimate Plugin appeared first on SecurityWeek. This article is an excerpt from

React to this headline:

Loading spinner

Backdoor Malware Found on WordPress Website Disguised as Legitimate Plugin Read More »

Microsoft Fixes Exploited Zero-Days in WordPad, Skype for Business

Application Security, CVE-2023-36563, CVE-2023-41763, CVE-2023-44487, Malware & Threats, Microsoft, Patch Tuesday, Vulnerabilities /

Microsoft Fixes Exploited Zero-Days in WordPad, Skype for Business 10/10/2023 at 21:32 By Ryan Naraine Microsoft patches more than 100 vulnerabilities across the Windows ecosystem and warned that three are already being exploited in the wild. The post Microsoft Fixes Exploited Zero-Days in WordPad, Skype for Business appeared first on SecurityWeek. This article is an

React to this headline:

Loading spinner

Microsoft Fixes Exploited Zero-Days in WordPad, Skype for Business Read More »

Patch Tuesday: Code Execution Flaws in Adobe Commerce, Photoshop

Adobe, CVE-2023-26370, Incident Response, magento, Malware & Threats, Patch Tuesday, Vulnerabilities /

Patch Tuesday: Code Execution Flaws in Adobe Commerce, Photoshop 10/10/2023 at 20:17 By Ryan Naraine Adobe Commerce customers exposed to code execution, privilege escalation, arbitrary file system read, and security feature bypass attacks. The post Patch Tuesday: Code Execution Flaws in Adobe Commerce, Photoshop appeared first on SecurityWeek. This article is an excerpt from SecurityWeek

React to this headline:

Loading spinner

Patch Tuesday: Code Execution Flaws in Adobe Commerce, Photoshop Read More »

Mirai Variant IZ1H9 Adds 13 Exploits to Arsenal

botnet, exploit, Malware & Threats, Mirai /

Mirai Variant IZ1H9 Adds 13 Exploits to Arsenal 10/10/2023 at 19:07 By Ionut Arghire A Mirai botnet variant tracked as IZ1H9 has updated its arsenal with 13 exploits targeting various routers, IP cameras, and other IoT devices. The post Mirai Variant IZ1H9 Adds 13 Exploits to Arsenal appeared first on SecurityWeek. This article is an

React to this headline:

Loading spinner

Mirai Variant IZ1H9 Adds 13 Exploits to Arsenal Read More »

Magecart Web Skimmer Hides in 404 Error Pages

Magecart, Malware & Threats, web skimmer /

Magecart Web Skimmer Hides in 404 Error Pages 10/10/2023 at 15:37 By Ionut Arghire A newly identified Magecart web skimming campaign is tampering with ‘404’ error pages to hide malicious code. The post Magecart Web Skimmer Hides in 404 Error Pages appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View

React to this headline:

Loading spinner

Magecart Web Skimmer Hides in 404 Error Pages Read More »

Recently Patched TagDiv Plugin Flaw Exploited to Hack Thousands of WordPress Sites

Malware & Threats, WordPress /

Recently Patched TagDiv Plugin Flaw Exploited to Hack Thousands of WordPress Sites 09/10/2023 at 19:16 By Eduard Kovacs Recently patched TagDiv Composer plugin vulnerability exploited to hack thousands of WordPress sites as part of the Balada Injector campaign. The post Recently Patched TagDiv Plugin Flaw Exploited to Hack Thousands of WordPress Sites appeared first on

React to this headline:

Loading spinner

Recently Patched TagDiv Plugin Flaw Exploited to Hack Thousands of WordPress Sites Read More »

Credential Harvesting Campaign Targets Unpatched NetScaler Instances

Malware & Threats /

Credential Harvesting Campaign Targets Unpatched NetScaler Instances 09/10/2023 at 17:47 By Ionut Arghire Threat actors are targeting Citrix NetScaler instances unpatched against CVE-2023-3519 to steal user credentials. The post Credential Harvesting Campaign Targets Unpatched NetScaler Instances appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source React to this

React to this headline:

Loading spinner

Credential Harvesting Campaign Targets Unpatched NetScaler Instances Read More »

Android Devices With Backdoored Firmware Found in US Schools

Android, backdoor, BadBox, cybercrime, Malware & Threats, Mobile & Wireless, Triada /

Android Devices With Backdoored Firmware Found in US Schools 06/10/2023 at 18:03 By Ionut Arghire A global cybercriminal operation called BadBox has infected the firmware of more than 70,000 Android smartphones, CTV boxes, and tablets with the Triada malware. The post Android Devices With Backdoored Firmware Found in US Schools appeared first on SecurityWeek. This

React to this headline:

Loading spinner

Android Devices With Backdoored Firmware Found in US Schools Read More »

Qakbot Hackers Continue to Push Malware After Takedown Attempt

Malware, Malware & Threats, Qakbot /

Qakbot Hackers Continue to Push Malware After Takedown Attempt 05/10/2023 at 15:31 By Eduard Kovacs Qakbot cybercriminals continue to push malware, which shows they are still operational after the recent takedown attempt. The post Qakbot Hackers Continue to Push Malware After Takedown Attempt appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS

React to this headline:

Loading spinner

Qakbot Hackers Continue to Push Malware After Takedown Attempt Read More »

Hundreds Download Malicious NPM Package Capable of Delivering Rootkit

Malware & Threats, NPM, rootkit /

Hundreds Download Malicious NPM Package Capable of Delivering Rootkit 05/10/2023 at 14:01 By Ionut Arghire Threat actor uses typosquatting to trick hundreds of users into downloading a malicious NPM package that delivers the r77 rootkit. The post Hundreds Download Malicious NPM Package Capable of Delivering Rootkit appeared first on SecurityWeek. This article is an excerpt

React to this headline:

Loading spinner

Hundreds Download Malicious NPM Package Capable of Delivering Rootkit Read More »

Apple Warns of Newly Exploited iOS 17 Kernel Zero-Day

apple, iOS, iOS 17.0.3, Malware & Threats, Mobile & Wireless, Nation-State, Vulnerabilities, Zero-Day /

Apple Warns of Newly Exploited iOS 17 Kernel Zero-Day 04/10/2023 at 22:16 By Ryan Naraine Apple’s cat-and-mouse struggles with zero-day exploits on its flagship iOS platform is showing no signs of slowing down. The post Apple Warns of Newly Exploited iOS 17 Kernel Zero-Day appeared first on SecurityWeek. This article is an excerpt from SecurityWeek

React to this headline:

Loading spinner

Apple Warns of Newly Exploited iOS 17 Kernel Zero-Day Read More »

Atlassian Ships Urgent Patch for Exploited Confluence Zero-Day

Application Security, Atlassian, Confluence, Malware & Threats, Vulnerabilities, Zero-Day /

Atlassian Ships Urgent Patch for Exploited Confluence Zero-Day 04/10/2023 at 20:16 By Ryan Naraine Atlassian confirms that “a handful of customers” were hit by exploits targeting a remotely exploitable flaw in its Confluence Data Center and Server products. The post Atlassian Ships Urgent Patch for Exploited Confluence Zero-Day appeared first on SecurityWeek. This article is

React to this headline:

Loading spinner

Atlassian Ships Urgent Patch for Exploited Confluence Zero-Day Read More »

Dozens of Malicious NPM Packages Steal User, System Data

Malware & Threats, NPM /

Dozens of Malicious NPM Packages Steal User, System Data 03/10/2023 at 15:48 By Ionut Arghire Fortinet warns of multiple malicious NPM packages that include install scripts designed to steal sensitive information. The post Dozens of Malicious NPM Packages Steal User, System Data appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed

React to this headline:

Loading spinner

Dozens of Malicious NPM Packages Steal User, System Data Read More »

Chinese Gov Hackers Caught Hiding in Cisco Router Firmware

Cisco, firmware, Malware & Threats, MoonBounce, Nation-State, routers, Security Infrastructure /

Chinese Gov Hackers Caught Hiding in Cisco Router Firmware 27/09/2023 at 21:02 By Ryan Naraine The NSA and FBI warn that a Chinese state-sponsored APT called BlackTech is hacking into network edge devices and using firmware implants to silently hop around the corporate networks of U.S. and Japanese companies. The post Chinese Gov Hackers Caught

React to this headline:

Loading spinner

Chinese Gov Hackers Caught Hiding in Cisco Router Firmware Read More »

UAE-Linked APT Targets Middle East Government With New ‘Deadglyph’ Backdoor

Cyberwarfare, Government, Malware, Malware & Threats, Middle East, UAE /

UAE-Linked APT Targets Middle East Government With New ‘Deadglyph’ Backdoor 26/09/2023 at 17:16 By Ionut Arghire UAE-linked APT group Stealth Falcon has used the new Deadglyph backdoor in an attack targeting a governmental entity in the Middle East. The post UAE-Linked APT Targets Middle East Government With New ‘Deadglyph’ Backdoor appeared first on SecurityWeek. This

React to this headline:

Loading spinner

UAE-Linked APT Targets Middle East Government With New ‘Deadglyph’ Backdoor Read More »

Xenomorph Android Banking Trojan Targeting Users in US, Canada

Android trojan, Malware & Threats, Mobile & Wireless, phishing /

Xenomorph Android Banking Trojan Targeting Users in US, Canada 26/09/2023 at 14:46 By Ionut Arghire The Xenomorph Android banking trojan can now mimic financial institutions in the US and Canada and is also targeting crypto wallets. The post Xenomorph Android Banking Trojan Targeting Users in US, Canada appeared first on SecurityWeek. This article is an

React to this headline:

Loading spinner

Xenomorph Android Banking Trojan Targeting Users in US, Canada Read More »

Pakistani APT Uses YouTube-Mimicking RAT to Spy on Android Devices

Android trojan, Malware & Threats, Mobile & Wireless, Pakistan /

Pakistani APT Uses YouTube-Mimicking RAT to Spy on Android Devices 19/09/2023 at 15:47 By Ionut Arghire New versions of Pakistan-linked APT Transparent Tribe’s CapraRAT Android trojan mimic the appearance of YouTube. The post Pakistani APT Uses YouTube-Mimicking RAT to Spy on Android Devices appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS

React to this headline:

Loading spinner

Pakistani APT Uses YouTube-Mimicking RAT to Spy on Android Devices Read More »

CISA Says Owl Labs Vulnerabilities Requiring Close Physical Range Exploited in Attacks

Featured, Malware & Threats, Mobile & Wireless /

CISA Says Owl Labs Vulnerabilities Requiring Close Physical Range Exploited in Attacks 19/09/2023 at 13:32 By Eduard Kovacs CISA says Owl Labs video conferencing device vulnerabilities that require the attacker to be in close range exploited in attacks The post CISA Says Owl Labs Vulnerabilities Requiring Close Physical Range Exploited in Attacks appeared first on

React to this headline:

Loading spinner

CISA Says Owl Labs Vulnerabilities Requiring Close Physical Range Exploited in Attacks Read More »

Scroll to Top