Open Source Alerts

Legacy Login in Microsoft Entra ID Exploited to Breach Cloud Accounts

A targeted campaign exploited Microsoft Entra ID’s legacy authentication protocol BAV2ROPC, allowing attackers to bypass MFA and gain unauthorized access to admin accounts across finance, healthcare, and tech sectors.

Hackers Weaponizing PDF Invoices to Attack Windows, Linux & macOS Systems

A sophisticated email campaign has been uncovered targeting users in Spain, Italy, and Portugal, distributing the cross-platform RATty RAT. The campaign uses the legitimate Spanish email service provider serviciodecorreo.es to send phishing emails.

FreeDrain Unmasked | Uncovering an Industrial-Scale Crypto Theft Network

A joint investigation has uncovered FreeDrain, a large-scale cryptocurrency phishing operation that exploits SEO manipulation, free-tier web services, and redirection techniques to deceive users of popular cryptocurrency wallets.

Over 40 Hacktivist Groups Target India in Coordinated Cyber Campaign: High Noise, Low Impact

A coordinated cyber campaign dubbed #OpIndia was launched by over 40 ideologically motivated hacktivist groups following recent geopolitical tensions between India and Pakistan.

Ransomware gang says it hacked the Sheriff of Hamilton County, TN

The Qilin ransomware gang claimed responsibility for a cyberattack on the Hamilton County Sheriff’s Office in Chattanooga, Tennessee, on April 14, 2025. The sheriff’s office stated that the attackers demanded a $300,000 ransom, which was not paid.

Stealthy .NET Malware: Hiding Malicious Payloads as Bitmap Resources

A recent malware campaign leverages steganography to embed malicious payloads within bitmap resources of 32-bit .NET applications. These payloads are delivered via malspam targeting the financial sector in Türkiye and the logistics sector in Asia.

CVSS 10.0 Vulnerability Found in Ubiquity UniFi Protect Cameras

Ubiquity has disclosed two vulnerabilities in its UniFi Protect platform, including a critical RCE flaw (CVE-2025-23123) with a CVSS score of 10.0 and a medium-severity livestream access issue (CVE-2025-23164) with a CVSS score of 4.4.

Hackers Exploit Windows Remote Management to Evade Detection in AD Networks

A new wave of cyberattacks is exploiting WinRM to conduct stealthy lateral movement within AD environments. By leveraging this legitimate administrative tool, attackers evade detection and blend into normal network activity.

Kickidler employee monitoring software abused in ransomware attacks

Ransomware groups Qilin and Hunters International are abusing Kickidler, a legitimate employee monitoring tool used by over 5,000 organizations across 60 countries, to conduct stealthy reconnaissance and credential harvesting.

Supply chain attack hits npm package with 45,000 weekly downloads

A supply chain attack has compromised the npm package rand-user-agent, which averaged 45,000 weekly downloads. Although deprecated, the package remained popular, making it an attractive target for attackers.

Defend Against Threats with Cyber Fusion

Cyware is the leading provider of cyber fusion solutions that power threat intelligence sharing , end-to-end automation and 360-degree threat response.

Trending Tags