Threat actors are attempting to exploit a recently disclosed security flaw impacting Apache Struts that could pave the way for remote code execution. The issue, tracked as CVE-2024-53677, carries a… Read More »Patch Alert: Critical Apache Struts Flaw Found, Exploitation Attempts Detected
Meta Platforms, the parent company of Facebook, Instagram, WhatsApp, and Threads, has been fined €251 million (around $263 million) for a 2018 data breach that impacted millions of users in… Read More »Meta Fined €251 Million for 2018 Data Breach Impacting 29 Million Accounts
A new social engineering campaign has leveraged Microsoft Teams as a way to facilitate the deployment of a known malware called DarkGate. “An attacker used social engineering via a Microsoft… Read More »Attackers Exploit Microsoft Teams and AnyDesk to Deploy DarkGate Malware
A new phishing campaign has been observed employing tax-themed lures to deliver a stealthy backdoor payload as part of attacks targeting Pakistan. Cybersecurity company Securonix, which is tracking the activity… Read More »Hackers Use Microsoft MSC Files to Deploy Obfuscated Backdoor in Pakistan Attacks
Even the best companies with the most advanced tools can still get hacked. It’s a frustrating reality: you’ve invested in the right solutions, trained your team, and strengthened your defenses.… Read More »Even Great Companies Get Breached — Find Out Why and How to Stop It
Addressing cyber threats before they have a chance to strike or inflict serious damage is by far the best security approach any company can embrace. Achieving this takes a lot… Read More »5 Practical Techniques for Effective Cyber Threat Hunting
A suspected South Asian cyber espionage threat group known as Bitter targeted a Turkish defense sector organization in November 2024 to deliver two C++-malware families tracked as WmRAT and MiyaRAT.… Read More »Bitter APT Targets Turkish Defense Sector with WmRAT and MiyaRAT Malware
Bogus software update lures are being used by threat actors to deliver a new stealer malware called CoinLurker. “Written in Go, CoinLurker employs cutting-edge obfuscation and anti-analysis techniques, making it… Read More »Hackers Exploit Webview2 to Deploy CoinLurker Malware and Evade Security Detection
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added two security flaws to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation in the wild. The… Read More »CISA and FBI Raise Alerts on Exploited Flaws and Expanding HiatusRAT Campaign
A little-known cyber espionage actor known as The Mask has been linked to a new set of attacks targeting an unnamed organization in Latin America twice in 2019 and 2022.… Read More »The Mask APT Resurfaces with Sophisticated Multi-Platform Malware Arsenal