The Zscaler ThreatLabz team has uncovered significant advancements in the Anatsa malware, also known as TeaBot, an Android banking trojan that has been active since 2020. Originally designed for credential theft, keylogging, and facilitating fraudulent…
Ex-developer jailed 4 years for sabotaging Ohio employer with kill-switch malware that locked employees out after his account was disabled. Ex-developer Davis Lu (55) was sentenced to 4 years for sabotaging Ohio employer with kill-switch malware that locked staff out after his account was disabled. The Chinese national was also sentenced to three years of […]
Colt Technology Services confirmed a data breach by the WarLock ransomware group; the company is working to restore disrupted systems. Colt Technology Services confirmed that threat actors breached its systems and stole some data. The telecoms company is working to restore disrupted systems. Colt, officially known as Colt Technology Services Group Limited, is a multinational telecommunications […]
Adversaries are using AI-powered website builders to expedite the development of harmful infrastructure in a quickly changing threat landscape, hence reducing the entry barriers for malware distribution and credential phishing. Platforms like Lovable, …
The PromptFix attack tricks AI browsers with fake CAPTCHAs, leading them to phishing sites and fake stores where…
Hackers exploit Apache ActiveMQ flaw to install DripDropper on Linux, then patch it to block rivals and hide their tracks. Red Canary researchers observed attackers exploit a 2-year-old Apache ActiveMQ vulnerability, tracked as CVE-2023-46604 (CVSS score of 10.0), to gain persistence on cloud Linux systems and deploy DripDropper malware. Uniquely, they patch the flaw post-exploit […]
Cyber spies associated with the threat actor group Paper Werewolf have demonstrated advanced capabilities in bypassing email security filters by delivering malware through seemingly legitimate archive files, a tactic that exploits the commonality of su…
Cybersecurity researchers at CrowdStrike identified and thwarted a sophisticated malware campaign deploying SHAMOS, an advanced variant of the Atomic macOS Stealer (AMOS) malware, orchestrated by the cybercriminal group COOKIE SPIDER. Operating under a…
The financially motivated threat group UNC5518 has been infiltrating trustworthy websites to install ClickFix lures, which are misleading phony CAPTCHA pages, as part of a complex cyber campaign that has been monitored since June 2024. These malicious …
A new malware campaign dubbed RingReaper has emerged, targeting servers with advanced post-exploitation capabilities that exploit the kernel’s io_uring asynchronous I/O interface to bypass Endpoint Detection and Response (EDR) systems. This sophi…