Compromised RVTools Installer Spreading Bumblebee Malware
RVTools installer on its official site was found delivering malware. Research shows it spread Bumblebee loader. Users urged to verify downloads.
Cyber Attack
WordPress Plugin Flaw Puts 22,000 Websites at Risk of Cyber Attacks
A severe security flaw has been uncovered in the Motors WordPress theme, a popular choice for car dealerships and listings with over 22,000 sales on ThemeForest. Researcher Foxyyy reported a critical Privilege Escalation vulnerability through the Wordf…
New Nitrogen Ransomware Targets Financial Firms in the US, UK and Canada
Nitrogen, a ransomware strain, has emerged as a major threat to organizations worldwide, with a particular focus on…
Microsoft 365 Users Targeted by Tycoon2FA Linked Phishing Attack to Steal Credentials
A new wave of targeted phishing campaigns, linked to the Tycoon2FA group, has been identified specifically targeting Microsoft 365 users. Security researchers have observed that these campaigns are leveraging an innovative tactic: the use of malformed …
New Phishing Attack Poses as Zoom Meeting Invites to Steal Login Credentials
A newly identified phishing campaign is targeting unsuspecting users by masquerading as urgent Zoom meeting invitations from colleagues. This deceptive tactic leverages the familiarity and trust associated with workplace communications to lure victims …
UK Legal Aid Agency Hit by Cyberattack, Sensitive Data Stolen
The UK Legal Aid Agency has suffered a major cyberattack, with “significant” sensitive data, including criminal records, stolen.…
New Report Finds 67% of Organizations Experienced Cyber Attacks in the Last Year
A disturbing 67% of businesses in eight worldwide markets—the US, UK, Spain, the Netherlands, Germany, France, Belgium, and Ireland—reported having experienced cyberattacks in the previous 12 months, according to the 2024 Hiscox Cyber Readiness Report….
Google Reveals Hackers Targeting US Following UK Retailer Attacks
The Google Threat Intelligence Group (GTIG) recently revealed that the well-known hacker collective UNC3944, which also overlaps with the widely publicized Scattered Spider, is a persistent and dynamic cyberthreat. Initially focused on telecommunicatio…
Confluence Servers Under Attack: Hackers Leverage Vulnerability for RDP Access and Remote Code Execution
Threat actors exploited a known vulnerability, CVE-2023-22527, a template injection flaw in Atlassian Confluence servers exposed to the internet. This exploit facilitated remote code execution (RCE), enabling attackers to gain initial access and establ…
Russia-Linked SpyPress Malware Exploits Webmails to Spy on Ukraine
ESET reports on RoundPress, a cyber espionage campaign by Russia’s Fancy Bear (Sednit) targeting Ukraine-related organizations via webmail…