Security News

Hackers Target Selenium Grid Servers for Proxyjacking and Cryptomining Attacks

Threat actors are infecting publicly exposed Selenium Grid servers to utilize victims' internet bandwidth for cryptomining, proxyjacking, and potentially more harmful activities.
Cyware News 16 Sep 2024 127 Views

Windows vulnerability abused braille “spaces” in zero-day attacks

A recently fixed "Windows MSHTML spoofing vulnerability" tracked under CVE-2024-43461 is now marked as previously exploited after it was used in attacks by the Void Banshee APT hacking group. [...]
Bleepingcomputer 16 Sep 2024 231 Views

'Hadooken' Malware Targets Oracle's WebLogic Servers

A threat actor is dropping a cryptominer and distributed denial-of-service (DDoS) malware on Oracle WebLogic Servers using "Hadooken." [...]
Dark Reading 13 Sep 2024 439 Views

New Vo1d malware infects 1.3 million Android TV streaming boxes

Threat actors have infected over 1.3 million Android TV streaming boxes with a new Vo1d backdoor malware, allowing the attackers to take full control of the devices. [...]
Bleepingcomputer 13 Sep 2024 892 Views

CosmicBeetle Deploys Custom ScRansom Ransomware, Partnering with RansomHub

The threat actor known as CosmicBeetle has debuted a new custom ransomware strain called ScRansom in attacks targeting small- and medium-sized businesses (SMBs) in Europe, Asia, Africa, and South America, while also likely working as an affiliate for RansomHub.
Bleeping Computer 11 Sep 2024 635 Views

Ivanti fixes maximum severity RCE bug in Endpoint Management software

Ivanti has fixed a maximum severity vulnerability in its Endpoint Management software (EPM) that can let unauthenticated attackers gain remote code execution on the core server.
Bleeping Computer 11 Sep 2024 671 Views

RansomHub ransomware abuses Kaspersky TDSSKiller to disable EDR software

The RansomHub ransomware gang has been using TDSSKiller, a legitimate tool from Kaspersky, to disable endpoint detection and response (EDR) services on target systems.
Bleeping Computer 11 Sep 2024 657 Views

Cyberattackers Spoof Palo Alto VPNs to Spread WikiLoader Variant

The malware, first discovered two years ago, has returned in campaigns using SEO poisoning.
Dark Reading 4 Sep 2024 1110 Views

RansomHub Ransomware Group Targets 210 Victims Across Critical Sectors

Threat actors linked to the RansomHub ransomware group encrypted and exfiltrated data from at least 210 victims since its inception in February 2024, the U.S. government said. The victims span various sectors, including water and wastewater, information technology, government services and facilities...
The Hacker News 2 Sep 2024 1290 Views

South Korean hackers exploited WPS Office zero-day to deploy malware

The South Korea-aligned cyberespionage group APT-C-60 has been leveraging a zero-day code execution vulnerability in the Windows version of WPS Office to install the SpyGlace backdoor on East Asian targets. [...]
Bleepingcomputer 29 Aug 2024 1663 Views