APT36 Attacking BOSS Linux Systems With Weaponized ZIP Files to Steal Sensitive Data
Pakistan-based threat actor APT36, also known as Transparent Tribe, has significantly evolved its cyber-espionage capabilities by launching a sophisticated campaign specifically targeting Indian defense personnel through weaponized ZIP files designed to compromise BOSS Linux...
WordPress Admins Beware! Fake Cache Plugin that Steals Admin Logins
A sophisticated malware campaign targeting WordPress administrators has been discovered, utilizing a deceptive caching plugin to steal login credentials and compromise website security.
Security researchers have identified a malicious plugin disguised as "wp-runtime-cache" that specifically...
Weaponized Google Calendar Invites Delivers Malicious Payload With Just One Character
A new attack vector where cybercriminals are weaponizing Google Calendar invites to deliver malware, using a sophisticated obfuscation technique involving just a single visible character that hides malicious code.
This discovery highlights how threat actors...
Newly Purchased Android Phones With Pre-installed Malware Mimic as WhatsApp
A sophisticated cryptocurrency theft operation has been uncovered where brand-new Android smartphones arrive with pre-installed malware masquerading as legitimate WhatsApp applications.
Threat actors have infiltrated the supply chain of several Chinese smartphone manufacturers, embedding malicious...
Hackers Leveraging Teams Messages to Execute Malware on Windows Systems
A new sophisticated attack campaign where cybercriminals are exploiting Microsoft Teams to deliver malware and maintain persistent access to corporate networks.
The attacks, which represent an evolution in social engineering tactics, specifically target Windows systems...
New Process Hollowing Attack Vectors Uncovered in Windows 11 (24H2)
The recent release of Windows 11 version 24H2 has introduced a range of new features and updates, but it has also raised significant cybersecurity concerns.
A longstanding malware technique known as Process Hollowing or RunPE...
Malware Trends Review 2024 – An Year With Highest Ever Recorded Cyber Threats
Last year witnessed an alarming escalation in cyber threats, with malware families evolving and attack tactics becoming more sophisticated than ever.
According to a detailed analysis by ANY.RUN, a prominent interactive malware analysis platform, 2024...
Botnet Exploits 13,000 MikroTik Devices By Abusing Misconfigured DNS Records
Cybersecurity experts at Infoblox Threat Intel have uncovered a sophisticated botnet leveraging misconfigured DNS records to bypass email protection systems and deliver malware through spam campaigns.
This botnet, comprising approximately 13,000 compromised MikroTik routers,...
Rootkit Malware Exploiting 0-Day Vulnerabilities to Control Linux Systems Remotely
Fortinet researchers uncovered an advanced rootkit malware exploiting multiple zero-day vulnerabilities in enterprise appliances by executing a shell script (Install.sh).
The analysis sheds new light on how attackers establish persistence, hijack network traffic, and remotely...
Top Sophisticated Cyber Security Threats of 2024
As 2024 concludes, cybersecurity experts are reflecting on an eventful Q4 that witnessed evolving threats and heightened activity in the malware landscape.
ANY.RUN, a leading interactive malware analysis platform, has released its quarterly report, shedding...
