Novel Exploit Chain Enables Windows UAC Bypass
Adversaries can exploit CVE-2024-6769 to jump from regular to admin access without triggering UAC, but Microsoft says it's not really…
A new variant of the RomCom malware, called SnipBot, has been used in attacks that pivot on the network to…
A researcher bypassed the Calendar sandbox, Gatekeeper, and TCC in a chain attack that allowed for wanton theft of iCloud…
Microsoft has fixed a known issue that causes Microsoft 365 apps like Outlook, Word, Excel, and OneNote to crash while…
GitHub is being abused to distribute the Lumma Stealer information-stealing malware as fake fixes posted in project comments. [...]
A campaign that started on August 5, 2024, is spreading a previously undocumented malware named "Voldemort" to organizations worldwide, impersonating…
The global malware campaign (that must not be named?) is targeting organizations by impersonating tax authorities, and using custom tools…
The South Korea-aligned cyberespionage group APT-C-60 has been leveraging a zero-day code execution vulnerability in the Windows version of WPS…
A wave of attacks that started in July 2024 relies on a less common technique called AppDomain Manager Injection, which can…