The hacker new
-
Magento, WooCommerce, WordPress, and Shopify Exploited in Web Skimmer Attack
Cybersecurity researchers have unearthed a new ongoing Magecart-style web skimmer campaign that's designed to steal personally identifiable...
-
Brazilian Cybercriminals Using LOLBaS and CMD Scripts to Drain Bank Accounts
An unknown cybercrime threat actor has been observed targeting Spanish- and Portuguese-speaking victims to compromise online banking accounts in...
-
Alarming Surge in TrueBot Activity Revealed with New Delivery Vectors
A surge in TrueBot activity was observed in May 2023, cybersecurity researchers disclosed. "TrueBot is a downloader trojan botnet that uses command...
-
North Korea's Kimsuky Group Mimics Key Figures in Targeted Cyber Attacks
U.S. and South Korean intelligence agencies have issued a new alert warning of North Korean cyber actors' use of social engineering tactics to...
-
MOVEit Transfer Under Attack: Zero-Day Vulnerability Actively Being Exploited
A critical flaw in Progress Software's in MOVEit Transfer managed file transfer application has come under widespread exploitation in the wild to...
-
Evasive QBot Malware Leverages Short-lived Residential IPs for Dynamic Attacks
An analysis of the "evasive and tenacious" malware known as QBot has revealed that 25% of its command-and-control (C2) servers are merely active...
-
N. Korean ScarCruft Hackers Exploit LNK Files to Spread RokRAT
Cybersecurity researchers have offered a closer look at the RokRAT remote access trojan that's employed by the North Korean state-sponsored actor...
-
Active Mirai Botnet Variant Exploiting Zyxel Devices for DDoS Attacks
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a recently patched critical security flaw in Zyxel gear to its Known...
-
Urgent WordPress Update Fixes Critical Flaw in Jetpack Plugin on Million of Sites
WordPress has issued an automatic update to address a critical flaw in the Jetpack plugin that’s installed on over five million sites. The...
-
Alert: Hackers Exploit Barracuda Email Security Gateway 0-Day Flaw for 7 Months
Enterprise security firm Barracuda on Tuesday disclosed that a recently patched zero-day flaw in its Email Security Gateway (ESG) appliances had...
-
Hackers Win $105,000 for Reporting Critical Security Flaws in Sonos One Speakers
Multiple security flaws uncovered in Sonos One wireless speakers could be potentially exploited to achieve information disclosure and remote code...
-
CAPTCHA-Breaking Services with Human Solvers Helping Cybercriminals Defeat Security
Cybersecurity researchers are warning about CAPTCHA-breaking services that are being offered for sale to bypass systems designed to distinguish...