backdoored
-
Velvet Ant: Surgical Subversion of Critical Infrastructure Authentication Stacks (PAM and OpenSSH)
In a sophisticated display of cyber-persistence, the China-nexus threat actor known as Velvet Ant has been unmasked for executing a…
Read More » -
Critical Exploitation Alert: Ivanti Sentry Targeted via Command Injection and Auth Bypass
The cybersecurity landscape has shifted rapidly following the release of proof-of-concept (PoC) code targeting Ivanti Sentry. Security researchers and threat…
Read More » -
Supply Chain Security Under Siege: TeamPCP’s Aggressive Pipeline Attacks
A sophisticated, financially motivated threat actor operating under the moniker TeamPCP has launched an aggressive campaign targeting the bedrock of…
Read More » -
Chaining Vulnerabilities to Achieve Root Access in CODESYS Soft PLCs
Recent research published by Nozomi Networks Labs has uncovered a sophisticated exploit chain targeting the CODESYS Control runtime. By leveraging…
Read More » -
The Industrialization of Web3 Theft: How HexagonalRodent Leverages AI and Social Engineering to Loot Developers
In a sophisticated evolution of North Korean cyber operations, a threat actor group known as HexagonalRodent is systematically targeting the…
Read More » -
Still Using FTP? 6 Million Exposed Servers Remain Security Risk
A recent security brief from internet intelligence firm Censys reveals that despite its 55-year history, the File Transfer Protocol (FTP)…
Read More » -
North Korean Hackers Breach Axios Package, Target Windows, macOS, and Linux Systems
A North Korea–nexus threat actor hijacked the popular Axios NPM package in a high‑impact software supply chain attack, deploying a…
Read More » -
ChatGPT Vulnerability Enabled Silent Leakage of Prompts and Sensitive Information
Artificial intelligence assistants increasinglyhandle our most sensitive data, operating under the assumption that enclosed environments keep this information secure. However,…
Read More » -
Pyronut Package Backdoors Telegram Bots With RCE
Malicious ‘Pyronut’ is a trojanized Python package that backdoors Telegram bots and userbots, giving attackers remote code execution over both…
Read More » -
Fake CleanMyMac Site Spreads SHub Stealer, Targets Crypto Wallets
Hackers are leveraging a counterfeit CleanMyMac download site to deploy SHub Stealer on macOS users, a potent infostealer that compromises…
Read More » -
Hundreds of Malicious GitHub Repos Targeting Novice Cybercriminals Traced to Single User
Sophos X-Ops researchers have identified over 140 GitHub repositories laced with malicious backdoors, orchestrated by a single threat actor associated…
Read More » -
Hackers Exploit 21 Apps to Take Full Control of E-Commerce Servers
Cybersecurity firm Sansec has uncovered a sophisticated supply chain attack that has compromised 21 popular e-commerce applications, granting hackers full…
Read More »