Meta claims NSO Group still targets WhatsApp users despite court order 2026-06-08 at 23:44 By Sinisa Markovic Meta claims it disrupted spear-phishing attempts linked to NSO Group and is asking a US federal court to hold the spyware vendor in contempt for allegedly violating an injunction that bars it from targeting WhatsApp and its users. […]
Meta claims NSO Group still targets WhatsApp users despite court order Read More »
FBI: North Korean Spear-Phishing Attacks Use Malicious QR Codes 2026-01-09 at 17:34 By Ionut Arghire The North Korean state-sponsored espionage group Kimsuky has targeted government organizations, think tanks, and academic institutions. The post FBI: North Korean Spear-Phishing Attacks Use Malicious QR Codes appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original
FBI: North Korean Spear-Phishing Attacks Use Malicious QR Codes Read More »
Cyber-espionage campaign mirroring Sandworm TTPs hit Russian and Belarusian military 2025-11-03 at 15:57 By Zeljka Zorz A spear-phishing campaign aimed to compromise Russian and Belarusian military personnel by using military-themed documents as a lure has been flagged by Cyble and Seqrite security researchers. The goal of the campaign is to get targets to download and
Cyber-espionage campaign mirroring Sandworm TTPs hit Russian and Belarusian military Read More »
Attackers target retailers’ gift card systems using cloud-only techniques 2025-10-22 at 17:12 By Zeljka Zorz A newly uncovered attack campaign mounted by suspected Morocco-based attackers has been hitting global retailers and other businesses issuing gift cards. What makes this campaign stand out is how the threat actors avoid typical malware techniques and endpoint hacking and
Attackers target retailers’ gift card systems using cloud-only techniques Read More »
Phishing campaign targets Rust developers 2025-09-15 at 19:27 By Zeljka Zorz Developers publishing crates (binaries and libraries written in Rust) on crates.io, Rust’s main public package registry, have been targeted with emails echoing the recent npm phishing campaign. The phishing email The emails started hitting developers’ inboxes on Friday, minutes after they published a (new)
Phishing campaign targets Rust developers Read More »
ScreenConnect admins targeted with spoofed login alerts 2025-08-25 at 17:56 By Zeljka Zorz ScreenConnect cloud administrators across all region and industries are being targeted with fake email alerts warning about a potentially suspicious login event. The goal of the attackers is to grab the login credentials and MFA tokens of Super Admins: users who have
ScreenConnect admins targeted with spoofed login alerts Read More »
Noodlophile infostealer is hiding behind fake copyright and PI infringement notices 2025-08-18 at 16:12 By Zeljka Zorz Attackers pushing the Noodlophile infostealer are targeting businesses with spear-phishing emails threatening legal action due to copyright or intellectual property infringement, Morphisec researchers have warned. The campaign The emails, ostensibly sent by a law firm, are tailored to
Noodlophile infostealer is hiding behind fake copyright and PI infringement notices Read More »
WinRAR zero-day was exploited by two threat actors (CVE-2025-8088) 2025-08-12 at 16:11 By Zeljka Zorz The RomCom attackers aren’t the only ones that have been leveraging the newly unveiled WinRAR vulnerability (CVE-2025-8088) in zero-day attacks: according to Russian cybersecurity company BI.ZONE, a group tracked as Paper Werewolf has been using it to target Russian organizations.
WinRAR zero-day was exploited by two threat actors (CVE-2025-8088) Read More »
Threat actors are using legitimate Microsoft feature to compromise M365 accounts 2025-02-14 at 16:23 By Zeljka Zorz Suspected Russian threat actors have been taking advantage of Microsoft Device Code Authentication to trick targets into granting them access to their Microsoft 365 (M365) accounts. “While Device Code Authentication attacks are not new, they appear to have
Threat actors are using legitimate Microsoft feature to compromise M365 accounts Read More »
Russian cybercrooks exploiting 7-Zip zero-day vulnerability (CVE-2025-0411) 2025-02-04 at 15:08 By Zeljka Zorz CVE-2025-0411, a Mark-of-the-Web bypass vulnerability in the open-source archiver tool 7-Zip that was fixed in November 2024, has been exploited in zero-day attacks to deliver malware to Ukrainian entities, Trend Micro researchers have revealed. The 7-Zip vulnerability (CVE-2025-0411) Mark-of-the-Web (MotW) is a
Russian cybercrooks exploiting 7-Zip zero-day vulnerability (CVE-2025-0411) Read More »
How Russian hackers went after NGOs’ WhatsApp accounts 2025-01-17 at 17:34 By Zeljka Zorz Star Blizzard, a threat actor tied to the Russian Federal Security Service (FSB), was spotted attempting to compromise targets’ WhatsApp accounts through a clever phishing campaign. The campaign The campaign started with a spear-phishing email that was made to look like
How Russian hackers went after NGOs’ WhatsApp accounts Read More »
How a Windows zero-day was exploited in the wild for months (CVE-2024-43451) 2024-11-14 at 12:02 By Zeljka Zorz CVE-2024-43451, a Windows zero-day vulnerability for which Microsoft released a fix on November 2024 Patch Tuesday, has been exploited since at least April 2024, ClearSky researchers have revealed. About the vulnerability CVE-2024-43451 affects all supported Windows versions
How a Windows zero-day was exploited in the wild for months (CVE-2024-43451) Read More »
Aerospace employees targeted with malicious “dream job” offers 2024-11-13 at 12:49 By Zeljka Zorz It’s not just North Korean hackers who reach out to targets via LinkedIn: since at least September 2023, Iranian threat actor TA455 has been trying to compromise workers in the aerospace industry by impersonating job recruiters on the popular employment-focused social
Aerospace employees targeted with malicious “dream job” offers Read More »
Industrial companies in Europe targeted with GuLoader 2024-11-07 at 15:48 By Zeljka Zorz A recent spear-phishing campaign targeting industrial and engineering companies in Europe was aimed at saddling victims with the popular GuLoader downloader and, ultimately, a remote access trojan that would permit attackers to steal information from and access compromised computers whenever they wish.
Industrial companies in Europe targeted with GuLoader Read More »
Russian hackers deliver malicious RDP configuration files to thousands 2024-10-30 at 12:49 By Zeljka Zorz Midnight Blizzard – a cyber espionage group that has been linked to the Russian Foreign Intelligence Service (SVR) – is targeting government, academia, defense, and NGO workers with phishing emails containing a signed Remote Desktop Protocol (RDP) configuration file. “Based
Russian hackers deliver malicious RDP configuration files to thousands Read More »
DoJ: Chinese Man Used Spear-Phishing to Obtain Software From NASA, Military 2024-09-17 at 13:01 By Ionut Arghire Chinese national Song Wu allegedly sent spear-phishing emails to NASA, Air Force, Navy, Army, and FAA employees. The post DoJ: Chinese Man Used Spear-Phishing to Obtain Software From NASA, Military appeared first on SecurityWeek. This article is an
DoJ: Chinese Man Used Spear-Phishing to Obtain Software From NASA, Military Read More »
Western, Russian Civil Society Targeted in Sophisticated Phishing Attacks 2024-08-16 at 16:16 By Ionut Arghire Multiple Russian, Belarusian, and Western entities perceived as Russia’s enemies have been targeted in two recent spear-phishing campaigns. The post Western, Russian Civil Society Targeted in Sophisticated Phishing Attacks appeared first on SecurityWeek. This article is an excerpt from SecurityWeek
Western, Russian Civil Society Targeted in Sophisticated Phishing Attacks Read More »
Void Banshee APT exploited “lingering Windows relic” in zero-day attacks 2024-07-16 at 16:46 By Zeljka Zorz The zero-day exploit used to leverage CVE-2024-38112, a recently patched Windows MSHTML vulnerability, was wielded by an APT group dubbed Void Banshee to deliver malware to targets in North America, Europe, and Southeast Asia, threat hunters with Trend Micro’s
Void Banshee APT exploited “lingering Windows relic” in zero-day attacks Read More »
CISA Red Team Exercise Finds Critical Vulnerabilities in Federal Civilian Agency 2024-07-12 at 17:31 By Ionut Arghire CISA says a SILENTSHIELD red team assessment found gaping holes in the security posture of a federal civilian executive branch organization. The post CISA Red Team Exercise Finds Critical Vulnerabilities in Federal Civilian Agency appeared first on SecurityWeek.
CISA Red Team Exercise Finds Critical Vulnerabilities in Federal Civilian Agency Read More »
Cyberespionage Campaign Targets Government, Energy Entities in India 2024-03-28 at 17:17 By Ionut Arghire Threat intelligence firm EclecticIQ documents the delivery of malware phishing lures to government and private energy organizations in India. The post Cyberespionage Campaign Targets Government, Energy Entities in India appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS
Cyberespionage Campaign Targets Government, Energy Entities in India Read More »