Windows vulnerability abused braille “spaces” in zero-day attacks
A recently fixed "Windows MSHTML spoofing vulnerability" tracked under CVE-2024-43461 is now marked as previously exploited after it was used…
Feds Warn on Russian Actors Targeting Critical Infrastructure
In the past, Putin's Unit 29155 has utilized malware like WhisperGate to target organizations, particularly those in Ukraine.
Russian military hackers linked to critical infrastructure attacks
The United States and its allies have linked a group of Russian hackers (tracked as Cadet Blizzard and Ember Bear)…
Hackers inject malicious JS in Cisco store to steal credit cards, credentials
Cisco's site for selling company-themed merchandise is currently offline and under maintenance due to hackers compromising it with JavaScript code…
Ransomware Gangs Pummel Southeast Asia
Successful ransomware attacks against organizations in Asia continue at peak levels in 2024 following a wave of high-profile data breaches…
New Voldemort malware abuses Google Sheets to store stolen data
A campaign that started on August 5, 2024, is spreading a previously undocumented malware named "Voldemort" to organizations worldwide, impersonating…
‘Voldemort’ Malware Curses Orgs Using Global Tax Authorities
The global malware campaign (that must not be named?) is targeting organizations by impersonating tax authorities, and using custom tools…
South Korean hackers exploited WPS Office zero-day to deploy malware
The South Korea-aligned cyberespionage group APT-C-60 has been leveraging a zero-day code execution vulnerability in the Windows version of WPS…
Microsoft’s Sway Serves as Launchpad for ‘Quishing’ Campaign
The attack is a mashup of QR codes and phishing that gets users to click on links to malicious Web…
New 0-Day Attacks Linked to China’s ‘Volt Typhoon’
Malicious hackers are exploiting a zero-day vulnerability in Versa Director, a software product used by many Internet and IT service…