New Linux Malware Campaign Exploits Oracle Weblogic to Mine Cryptocurrency (thehackernews.com)
cross-posted from: sh.itjust.works/post/25130414
Apple Vision Pro vulnerability exposed (thehackernews.com)
North Korean Threat Actors Deploy COVERTCATCH Malware via LinkedIn Job Scams (thehackernews.com)
“After an initial chat conversation, the attacker sent a ZIP file that contained COVERTCATCH malware disguised as a Python coding challenge,” researchers Robert Wallace, Blas Kojusner, and Joseph Dobson said....
Hackers Use Fake GlobalProtect VPN Software in New WikiLoader Malware Attack (thehackernews.com)
The malvertising activity, observed in June 2024, is a departure from previously observed tactics wherein the malware has been propagated via traditional phishing emails, Unit 42 researchers Mark Lim and Tom Marsden said....
New Rust-Based Ransomware Cicada3301 Targets Windows and Linux Systems (thehackernews.com)
Written in Rust and capable of targeting both Windows and Linux/ESXi hosts, Cicada3301 first emerged in June 2024, inviting potential affiliates to join their ransomware-as-a-service (RaaS) platform via an advertisement on the RAMP underground forum.
New Flaws in Microsoft macOS Apps Could Allow Hackers to Gain Unrestricted Access (thehackernews.com)
Hackers Exploit PHP Vulnerability to Deploy Stealthy Msupedge Backdoor (thehackernews.com)
Roundcube Webmail Flaws Allow Hackers to Steal Emails and Passwords (thehackernews.com)
If you’re self hosting roundcube be sure to update.
Chinese Hackers Target Taiwan and US NGO with MgBot Malware (thehackernews.com)
Archived link...
Chinese Hackers Target Taiwan and US NGO with MgBot Malware (thehackernews.com)
cross-posted from: feddit.org/post/1095016...
Google to Block Entrust Certificates in Chrome Starting November 2024 (thehackernews.com)
See also: …googleblog.com/…/sustaining-digital-certificate-…
China-linked pollyfill[.]io attack impacts 380,000 hosts, including major companies like WarnerBros, Hulu, Mercedes-Benz, and Pearson (thehackernews.com)
Archived version...
Chinese hackers deploy SpiceRAT and SugarGh0st in global espionage campaign primarily targeting government entities across Asia, Europe, Middle East, and Africa (thehackernews.com)
Archived link...
Chinese hackers deploy SpiceRAT and SugarGh0st in global espionage campaign primarily targeting government entities across Asia, Europe, Middle East, and Africa (thehackernews.com)
Archived link...
TP-Link Gaming Router Vulnerability Exposes Users to Remote Code Attacks (thehackernews.com)
The Article...
Chinese state-backed cyber espionage targets Southeast Asian government (thehackernews.com)
Archived link...
Mysterious cyberattack took down more than 600,000 routers in the U.S. (thehackernews.com)
Archived link...
New frontier, old tactics: Chinese espionage group targets African and Caribbean governments (thehackernews.com)
Archived link...
The End of an Era: Microsoft Phases Out VBScript for JavaScript and PowerShell (thehackernews.com)
Microsoft on Wednesday outlined its plans to deprecate Visual Basic Script (VBScript) in the second half of 2024 in favor of more advanced alternatives such as JavaScript and PowerShell.
Popular Android Apps Like Xiaomi, WPS Office Vulnerable to File Overwrite Flaw (thehackernews.com)
Dropbox Discloses Breach of Digital Signature Service Affecting All Users (thehackernews.com)
Critical 'BatBadBut' Rust Vulnerability Exposes Windows Systems to Attacks (thehackernews.com)
Vultur Android Banking Trojan Returns with Upgraded Remote Control Capabilities (thehackernews.com)
WordPress Admins Urged to Remove miniOrange Plugins Due to Critical Flaw (thehackernews.com)
