Skip to content
Earth Kurma Targets Southeast Asia With Rootkits and Cloud-Based Data Theft Tools

Earth Kurma Targets Southeast Asia With Rootkits and Cloud-Based Data Theft Tools

Government and telecommunications sectors in Southeast Asia have become the target of a “sophisticated” campaign undertaken by a new advanced persistent threat (APT) group called Earth Kurma since June 2024. The attacks, per Trend Micro,… 

WooCommerce Users Targeted by Fake Patch Phishing Campaign Deploying Site Backdoors

WooCommerce Users Targeted by Fake Patch Phishing Campaign Deploying Site Backdoors

Apr 28, 2025Ravie LakshmananWebsite Security / Malware Cybersecurity researchers are warning about a large-scale phishing campaign targeting WooCommerce users with a fake security alert urging them to download a “critical patch” but deploy a backdoor… 

Hackers Exploit Critical Craft CMS Flaws; Hundreds of Servers Likely Compromised

Hackers Exploit Critical Craft CMS Flaws; Hundreds of Servers Likely Compromised

Apr 28, 2025Ravie LakshmananWeb Application Security / Vulnerability Threat actors have been observed exploiting two newly disclosed critical security flaws in Craft CMS in zero-day attacks to breach servers and gain unauthorized access. The attacks,… 

Storm-1977 Hits Education Clouds with AzureChecker, Deploys 200+ Crypto Mining Containers

Storm-1977 Hits Education Clouds with AzureChecker, Deploys 200+ Crypto Mining Containers

Apr 27, 2025Ravie LakshmananKubernetes / Cloud Security Microsoft has revealed that a threat actor it tracks as Storm-1977 has conducted password spraying attacks against cloud tenants in the education sector over the past year. “The…