Atlassian Confluence Server Bug Under Active Attack to Distribute Ransomware
Most of the attacks involve the use of automated exploits, security vendor says.
Hello XD ransomware now drops a backdoor while encrypting
Cybersecurity researchers report increased activity of the Hello XD ransomware, whose operators are now deploying an upgraded sample featuring stronger…
Linux botnets now exploit critical Atlassian Confluence bug
Several botnets are now using exploits targeting a critical remote code execution (RCE) vulnerability to infect Linux servers running unpatched Atlassian…
Emotet malware now steals credit cards from Google Chrome users
The Emotet botnet is now attempting to infect potential victims with a credit card stealer module designed to harvest credit…
Qbot malware now uses Windows MSDT zero-day in phishing attacks
A critical Windows zero-day vulnerability, known as Follina and still waiting for an official fix from Microsoft, is now being…
QBot now pushes Black Basta ransomware in bot-powered attacks
The Black Basta ransomware gang has partnered with the QBot malware operation to spread laterally through hacked corporate environments. [...]
Actively Exploited Atlassian Zero-Day Bug Allows Full System Takeover
An remote code execution (RCE) vulnerability in all versions of the popular Confluence collaboration platform can be abused in credential…
Malicious Python Repository Package Drops Cobalt Strike on Windows, macOS & Linux Systems
The PyPI "pymafka" package is the latest example of growing attacker interest in abusing widely used open source software repositories.
Fake Windows exploits target infosec community with Cobalt Strike
A threat actor targeted security researchers with fake Windows proof-of-concept exploits that infected devices with the Cobalt Strike backdoor. [...]
Malicious PyPI package opens backdoors on Windows, Linux, and Macs
Yet another malicious Python package has been spotted in the PyPI registry performing supply chain attacks to drop Cobalt Strike…