Pirated Windows 10 ISOs install clipper malware via EFI partitions
Hackers are distributing Windows 10 using torrents that hide cryptocurrency hijackers in the EFI (Extensible Firmware Interface) partition to evade…
Clop ransomware likely testing MOVEit zero-day since 2021
The Clop ransomware gang has been looking for ways to exploit a now-patched zero-day in the MOVEit Transfer managed file…
New Fractureiser malware used CurseForge Minecraft mods to infect Windows, Linux
Hackers used the popular Minecraft modding platforms Bukkit and CurseForge to distribute a new 'Fractureiser' information-stealing malware through uploaded modifications…
New Horabot campaign takes over victim’s Gmail, Outlook accounts
A previously unknown campaign involving the Hotabot botnet malware has targeted Spanish-speaking users in Latin America since at least November…
New MOVEit Transfer zero-day mass-exploited in data theft attacks
Hackers are actively exploiting a zero-day vulnerability in the MOVEit Transfer file transfer software, tracked as CVE-2023-34362, to steal data…
RomCom malware spread via Google Ads for ChatGPT, GIMP, more
A new campaign distributing the RomCom backdoor malware is impersonating the websites of well-known or fictional software, tricking users into…
Lazarus hackers target Windows IIS web servers for initial access
The notorious North Korean state-backed hackers, known as the Lazarus Group, are now targeting vulnerable Windows Internet Information Services (IIS)…
QBot malware abuses Windows WordPad EXE to infect devices
The QBot malware operation has started to abuse a DLL hijacking flaw in the Windows 10 WordPad program to infect…
Lazarus Group Striking Vulnerable Windows IIS Web Servers
The infamous North Korean APT group is using Log4Shell, the 3CX supply chain attack, and other known vectors to breach…
New PowerExchange malware backdoors Microsoft Exchange servers
A new PowerShell-based malware dubbed PowerExchange was used in attacks linked to APT34 Iranian state hackers to backdoor on-premise Microsoft…