In a recent alert, Microsoft revealed a large-scale malvertising campaign that has compromised nearly one million devices worldwide. This campaign, which began in early December 2024, leverages malicious redirects from illegal streaming websites to del…
Microsoft has uncovered a malvertising campaign that redirected users to information stealers hosted on GitHub.
The post Microsoft Says One Million Devices Impacted by Infostealer Campaign appeared first on SecurityWeek.
Microsoft Threat Intelligence exposes a malvertising campaign exploiting GitHub, Discord, and Dropbox. Discover the multi-stage attack chain, the…
A sophisticated malware operation, dubbed “Phantom Goblin,” has been identified by cybersecurity researchers, highlighting the increasing use of social engineering tactics to deploy information-stealing malware. This operation leverages dec…
A critical vulnerability in AMD’s Zen 1 through Zen 4 processors allows attackers to bypass microcode signature validation, potentially undermining hardware-based security mechanisms. The flaw stems from AMD’s use of AES-CMAC as a hash function during …
Peaklight malware has emerged as a significant threat, designed to steal sensitive information from compromised endpoints. This information stealer is often distributed through underground channels and is sometimes offered as a Malware-as-a-Service (Ma…
Medusa ransomware has claimed nearly 400 victims since January 2023, with attacks increasing by 42% between 2023 and 2024. The Symantec Threat Hunter Team reported that the Medusa ransomware operators have claimed nearly 400 victims since January 2023. Experts observed a 42% increase in attacks carried out by the group between 2023 and 2024. Experts […]
Qilin Ransomware group claims to have breached the Ministry of Foreign Affairs of Ukraine, marking a significant cybersecurity attack. The Russian-speaking Qilin Ransomware group claims responsibility for an attack on the Ministry of Foreign Affairs of Ukraine. The group stated that it stole sensitive data such as private correspondence, personal information, and official decrees. The […]
LinkedIn InMail spoofing delivers the ConnectWise RAT via outdated branding and weak email security — posing a significant risk to organizations.
The post LinkedIn InMail Spoofing Malware Campaign Unleashes ConnectWise RAT appeared first on eSecurity Planet.
HUMAN’s Satori Threat Intelligence and Research team has uncovered a complex cyberattack dubbed “BADBOX 2.0,” an evolution of the previously disclosed BADBOX operation. This sophisticated botnet has infected over 1 million consumer de…