Harrods confirmed a cyberattack, following similar incidents suffered by M&S and Co-op, making it the third major UK retailer targeted in one week. Luxury department store Harrods confirmed a cyberattack, threat actors attempted to gain unauthorised access to some of its systems. “We recently experienced attempts to gain unauthorised access to some of our systems.” […]
Sonatype discovered ‘crypto-encrypt-ts’, a malicious npm package impersonating the popular CryptoJS library to steal crypto and personal data.…
ESET has analyzed Spellbinder, the IPv6 SLAAC spoofing tool Chinese APT TheWizards uses to deploy its WizardNet backdoor.
The post Chinese APT’s Adversary-in-the-Middle Tool Dissected appeared first on SecurityWeek.
Hive0117 targets Russian firms in multiple sectors with phishing attacks using a modified version of the DarkWatchman malware. A cybercrime group named Hive0117 is behind a fresh phishing campaign that targeted Russian organizations with a new version of the DarkWatchman malware, according to Russian cybersecurity firm F6. The financially-motivated group targeted organizations in the media, […]
PRODAFT researchers warn of Russia-linked APT group Nebulous Mantis targeting NATO-related defense organizations Nebulous Mantis, a Russian-speaking cyber espionage group (aka Cuba, STORM-0978, Tropical Scorpius, UNC2596), used RomCom RAT and Hancitor since 2019 to target critical infrastructure, governments, and NATO-linked entities. Since mid-2022, they’ve deployed RomCom via spear-phishing for espionage, lateral movement, and data theft. […]
WordPress sites are under threat from a deceptive anti-malware plugin. Learn how this malware grants backdoor access, hides…
France blames Russia-linked APT28 for cyberattacks targeting or compromising a dozen French government bodies and other entities. The Russia-linked APT28 group has targeted or compromised a dozen government organizations and other French entities, the French Government states. In 2024, it was observed attacking OT organizations and linked to cyberattacks on 60 entities in Asia and […]
The Wordfence Threat Intelligence team has identified a new strain of WordPress malware that masquerades as a legitimate plugin, often named ‘WP-antymalwary-bot.php.’ First detected on January 22, 2025, during a routine site cleanup, this m…
China-linked hackers targeted Uyghur activists using a Trojanized UyghurEditPP app in a spear-phishing campaign, Citizen Lab researchers reveal.…
A sophisticated multi-stage malware campaign, potentially orchestrated by the North Korean Konni Advanced Persistent Threat (APT) group, has been identified targeting entities predominantly in South Korea. Cybersecurity experts have uncovered a meticul…