Threat hunters have shed more light on a previously disclosed malware campaign undertaken by the China-aligned MirrorFace threat actor that targeted a diplomatic organization in the European Union with a… Read More »China-Linked MirrorFace Deploys ANEL and AsyncRAT in New Cyber Espionage Operation
While Okta provides robust native security features, configuration drift, identity sprawl, and misconfigurations can provide opportunities for attackers to find their way in. This article covers four key ways to… Read More »How to Improve Okta Security in Four Steps
Microsoft is calling attention to a novel remote access trojan (RAT) named StilachiRAT that it said employs advanced techniques to sidestep detection and persist within target environments with an ultimate… Read More »Microsoft Warns of StilachiRAT: A Stealthy RAT Targeting Credentials and Crypto Wallets
A recently disclosed security flaw impacting Apache Tomcat has come under active exploitation in the wild following the release of a public proof-of-concept (PoC) a mere 30 hours after public… Read More »Apache Tomcat Vulnerability Actively Exploited Just 30 Hours After Public Disclosure
Malicious actors are exploiting Cascading Style Sheets (CSS), which are used to style and format the layout of web pages, to bypass spam filters and track users’ actions. That’s according… Read More »Cybercriminals Exploit CSS to Evade Spam Filters and Track Email Users’ Actions
An unpatched security flaw impacting the Edimax IC-7100 network camera is being exploited by threat actors to deliver Mirat botnet malware variants since at least May 2024. The vulnerability in… Read More »Unpatched Edimax Camera Flaw Exploited for Mirai Botnet Attacks Since Last Year
The latest Palo Alto Networks Unit 42 Cloud Threat Report found that sensitive data is found in 66% of cloud storage buckets. This data is vulnerable to ransomware attacks. The… Read More »SANS Institute Warns of Novel Cloud-Native Ransomware Attacks
From sophisticated nation-state campaigns to stealthy malware lurking in unexpected places, this week’s cybersecurity landscape is a reminder that attackers are always evolving. Advanced threat groups are exploiting outdated hardware,… Read More »⚡ THN Weekly Recap: Router Hacks, PyPI Attacks, New Ransomware Decryptor, and More
Cybersecurity researchers are calling attention to an incident in which the popular GitHub Action tj-actions/changed-files was compromised to leak secrets from repositories using the continuous integration and continuous delivery (CI/CD)… Read More »GitHub Action Compromise Puts CI/CD Secrets at Risk in Over 23,000 Repositories
Cybersecurity researchers have warned of a malicious campaign targeting users of the Python Package Index (PyPI) repository with bogus libraries masquerading as “time” related utilities, but harboring hidden functionality to… Read More »Malicious PyPI Packages Stole Cloud Tokens—Over 14,100 Downloads Before Removal