Botnet exploits GeoVision zero-day to install Mirai malware
A malware botnet is exploiting a zero-day vulnerability in end-of-life GeoVision devices to compromise and recruit them for likely DDoS…
New Linux malware Hadooken targets Oracle WebLogic servers
Hackers are targeting Oracle WebLogic servers to infect them with a new Linux malware named "Hadooken," which launches a cryptominer and…
Attackers Exploit Critical Atlassian Confluence Flaw for Cryptojacking
Novel attack vectors leverage the CVE-2023-22527 RCE flaw discovered in January, which is still under active attack, to turn targeted…
Misconfigured Selenium Grid servers abused for Monero mining
Threat actors are exploiting a misconfiguration in Selenium Grid, a popular web app testing framework, to deploy a modified XMRig tool…
‘Crystalray’ Attacks Jump 10X, Using Only OSS to Steal Credentials
Remember when hackers used to write their own malware? Kids these days don't want to work, they just want freely…
‘P2PInfect’ Worm Grows Teeth With Miner, Ransomware & Rootkit
For a while, the botnet spread but did essentially nothing. All the malicious payloads came well after.
Novel EDR-Killing 'GhostEngine' Malware Is Built for Stealth
The previously unknown malware (aka Hidden Shovel) is a ghost in the machine: It silently attacks kernel drivers to shut…
Hackers hijack OpenMetadata apps in Kubernetes cryptomining attacks
In an ongoing Kubernetes cryptomining campaign, attackers target OpenMetadata workloads using critical remote code execution and authentication vulnerabilities. [...]
How The Security of The Cloud’s Supply Chain Will Shift in 2024
What we can expect from advanced threat actor groups in the new year. By Jason Martin, Co-founder and Co-CEO at…
Ransomware Actor Uses TeamViewer to Gain Initial Access to Networks
Attackers have increasingly leveraged the widely used remote access tool, installed on hundreds of millions of endpoints, to break into…