Cybersecurity experts have uncovered a new malware campaign targeting Microsoft Teams users to infiltrate corporate systems. Attackers bypassed traditional defenses, delivering malware capable of stealing credentials.

A threat actor tracked as 'EncryptHub,' aka Larva-208, has been targeting organizations worldwide with spear-phishing and social engineering attacks to gain access to corporate networks.

The new SafePay ransomware gang has claimed responsibility for the attack on UK telematics biz Microlise, giving the company less than 24 hours to pay its extortion demands before leaking data.

Fake AI image and video generators infect Windows and macOS with the Lumma Stealer and AMOS information-stealing malware, used to steal credentials and cryptocurrency wallets from infected devices.

The incident shows how threat actors exploit trust and human error in the open-source ecosystem, using readily available malware, platforms like GitHub, and communication channels like Discord and Telegram to bypass traditional security measures.

A path traversal vulnerability has been discovered in the Spring Framework, with a CVSS score of 7.5. This flaw affects applications serving static resources through WebMvc.fn or WebFlux.fn, allowing attackers to access sensitive files.

Critical vulnerabilities within Hotjar and Business Insider have been uncovered by security researchers, posing risks for enterprises. These vulnerabilities highlight a broader issue with XSS flaws reintroduced by new technologies, increasing risks.

An advanced phishing campaign targeting the Oil and Gas industry is distributing the Rhadamanthys Stealer, an uncommon and sophisticated Malware-as-a-Service information stealer.

The leak consisted of publicly accessible environment files hosted on the airline's website. It included MySQL database credentials, SMTP configuration, and other sensitive information, potentially allowing unauthorized access and phishing attacks.

Threat actors were seen exploiting paid Facebook promotions to disseminate malicious code, aiming to deploy a harmful browser add-on for credential theft. Going by the keywords and variables noticed within the malicious script, researchers believe that Vietnamese threat actors could be behind ... Read More

On June 1st, 2023, the Cybernews research team discovered a publicly accessible environment file (.env) belonging to Burger King’s French website, containing various credentials. The file was hosted on the subdomain used for posting job offers.

MalwareHunterTeam reported a new variant of the Abyss Locker ransomware designed to target Linux-based VMware ESXi servers. It employs SSH brute force attacks to gain unauthorized access to servers. The ransomware has claimed data theft ranging from 35GB to 700GB. Researchers also suspect a connect ... Read More

Researchers took the wraps off of a year-long cyberattack campaign deploying a custom Golang malware called RDStealer. The malware strain focuses on stealing credentials and extracting data from compromised hosts. Not a coincidence but all the compromised machines were Dell-manufactured devices.

Check Point spotted a new malware strain, named FluHorse, masquerading as popular Android apps from East Asia. Each of these apps has been installed over 100,000 times. FluHorse is created to pilfer personal information such as usernames, passwords, and 2FA codes. Individuals and organizations ... Read More

The company exposed credentials to the Salesforce Marketing Cloud, a provider of digital marketing automation and analytics software and services. Cybernews has reached out to the car manufacturer, and the dataset has been secured.

A high-severity security vulnerability in the Kyverno admission controller for container images could allow malicious actors to import a raft of nefarious code into cloud production environments.