Fake WordPress security advisory pushes backdoor plugin
Upon installation, the plugin creates a hidden admin user named 'wpsecuritypatch' and sends information about the victim to the attackers' command and control server (C2)
Read More...Exploit Archives - CyberConvoy Blog
Hackers use new Agent Raccoon malware to backdoor US targets
The selection of targets, nature of the deployed tools, data exfiltration methods, targeted intelligence, and the covert character of the attacks suggest that their goal is espionage
Read More...
Atomic Stealer malware strikes macOS via fake browser updates
Via this technique, dubbed "EtherHiding," the operators distributed Windows-targeting payloads, including information-stealing malware like RedLine, Amadey, and Lumma
Read More...
Kinsing Hackers Exploit Apache ActiveMQ Vulnerability to Deploy Linux Rootkits
Once Kinsing infects a system, it deploys a cryptocurrency mining script that exploits the host's resources to mine cryptocurrencies like Bitcoin, resulting in significant damage to the infrastructure and a negative impact on system performance
Read More...
Citrix warns admins to kill NetScaler user sessions to block hackers
Besides applying the necessary security updates, administrators are also advised to wipe all previous user sessions and terminate all active ones
Read More...
CISA warns of actively exploited Windows, Sophos, and Oracle bugs
The U.S. Cybersecurity & Infrastructure Security Agency has added to its catalog of known exploited vulnerabilities (KEV) three security issues
Read More...
CISA warns of actively exploited Juniper pre-auth RCE exploit chain
Administrators are urged to immediately secure their devices by upgrading JunOS to the most recent release or, as a minimum precaution, restrict Internet access to the J-Web interface to eliminate the attack vector
Read More...
SysAid zero-day flaw exploited in Clop ransomware attacks
The threat actor leveraged the zero-day flaw to upload into the webroot of the SysAid Tomcat web service a WAR (Web Application Resource) archive containing a webshell
Read More...
iLeakage: New Safari Exploit Impacts Apple iPhones and Macs with A- and M-Series CPUs
In a practical attack scenario, the weakness could be exploited using a malicious web page to recover Gmail inbox content and even recover passwords that are autofilled by credential managers
Read More...
Citrix warns admins to patch NetScaler CVE-2023-4966 bug immediately
Citrix warned admins today to secure all NetScaler ADC and Gateway appliances immediately against ongoing attacks exploiting the CVE-2023-4966 vulnerability
Read More...