Skip to content
software vulnerability Page 3

software vulnerability

Attackers Exploit Microsoft Teams and AnyDesk to Deploy DarkGate Malware

Attackers Exploit Microsoft Teams and AnyDesk to Deploy DarkGate Malware

Dec 17, 2024Ravie LakshmananMalware / Credential Theft A new social engineering campaign has leveraged Microsoft Teams as a way to facilitate the deployment of a known malware called DarkGate. “An attacker used social engineering via… 

Hackers Use Microsoft MSC Files to Deploy Obfuscated Backdoor in Pakistan Attacks

Hackers Use Microsoft MSC Files to Deploy Obfuscated Backdoor in Pakistan Attacks

Dec 17, 2024Ravie LakshmananCyber Attack / Malware A new phishing campaign has been observed employing tax-themed lures to deliver a stealthy backdoor payload as part of attacks targeting Pakistan. Cybersecurity company Securonix, which is tracking… 

Bitter APT Targets Turkish Defense Sector with WmRAT and MiyaRAT Malware

Bitter APT Targets Turkish Defense Sector with WmRAT and MiyaRAT Malware

Dec 17, 2024Ravie LakshmananCyber Espionage / Malware A suspected South Asian cyber espionage threat group known as Bitter targeted a Turkish defense sector organization in November 2024 to deliver two C++-malware families tracked as WmRAT… 

Hackers Exploit Webview2 to Deploy CoinLurker Malware and Evade Security Detection

Hackers Exploit Webview2 to Deploy CoinLurker Malware and Evade Security Detection

Bogus software update lures are being used by threat actors to deliver a new stealer malware called CoinLurker. “Written in Go, CoinLurker employs cutting-edge obfuscation and anti-analysis techniques, making it a highly effective tool in… 

CISA and FBI Raise Alerts on Exploited Flaws and Expanding HiatusRAT Campaign

CISA and FBI Raise Alerts on Exploited Flaws and Expanding HiatusRAT Campaign

Dec 17, 2024Ravie LakshmananNetwork Security / IoT Security The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added two security flaws to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation in… 

DeceptionAds Delivers 1M+ Daily Impressions via 3,000 Sites, Fake CAPTCHA Pages

DeceptionAds Delivers 1M+ Daily Impressions via 3,000 Sites, Fake CAPTCHA Pages

Dec 16, 2024Ravie LakshmananMalvertising / Threat Intelligence Cybersecurity researchers have shed light on a previously undocumented aspect associated with ClickFix-style attacks that hinge on taking advantage of a single ad network service as part of… 

NoviSpy Spyware Installed on Journalist’s Phone After Unlocking It With Cellebrite Tool

NoviSpy Spyware Installed on Journalist’s Phone After Unlocking It With Cellebrite Tool

Dec 16, 2024Ravie LakshmananSpyware / Surveillance A Serbian journalist had his phone first unlocked by a Cellebrite tool and subsequently compromised by a previously undocumented spyware codenamed NoviSpy, according to a new report published by…