ToddyCat APT Group Exploits ESET Vulnerability for Stealthy Malware Attacks
Security researchers discovered that the ToddyCat APT group exploited a DLL hijacking vulnerability in ESET's software to deploy sophisticated malware. The attack leveraged multiple stealth techniques including encrypted payloads and memory-based execution to evade detection.
Critical Ivanti Security Flaw Exploited by Chinese Hackers in Wild
CISA reveals a severe remote code execution vulnerability affecting multiple Ivanti products, including Connect Secure and Policy Secure gateways. Security researchers link active exploitation to the Chinese cyber espionage group UNC5221, which is using sophisticated malware tools.
PoisonSeed Campaign Targets Crypto Users Through Compromised CRM Systems
A sophisticated cybercrime operation dubbed PoisonSeed is exploiting compromised CRM accounts to launch cryptocurrency seed phrase poisoning attacks. The campaign uses phishing tactics to gain access to marketing systems and sends malicious recovery phrases that allow attackers to drain victims' digital wallets.
Chinese State Hackers Exploit Critical Ivanti Flaw to Deploy Advanced Malware
Security researchers reveal that the Chinese state-sponsored group UNC5221 is actively exploiting a critical Ivanti Connect Secure vulnerability to deploy the sophisticated TRAILBLAZE and BRUSHFIRE malware. The high-severity flaw enables remote code execution through a stack-based buffer overflow, prompting urgent patching recommendations.
Cybercriminals Exploit Legacy Stripe API to Validate Stolen Card Data in Sophisticated Skimming Campaign
Researchers uncovered a web skimming operation targeting 49 e-commerce merchants by exploiting Stripe's deprecated API to validate stolen payment cards. The sophisticated attack injects malicious code mimicking legitimate checkout pages while leveraging cryptocurrency options and automated customization tools.
Russian Cybercrime Group FIN7 Deploys Sophisticated Anubis Backdoor for Windows Systems
FIN7's latest Python-based malware, Anubis, enables comprehensive remote system control while evading detection through advanced techniques. The backdoor, distributed via phishing campaigns, features modular design, encrypted communications, and capabilities including remote command execution and keylogging.
Microsoft Teams Voice Phishing Campaign Deploys Malware Through Remote Support Tools
A sophisticated phishing campaign that uses Microsoft Teams voice calls to deploy malware through legitimate remote support tools has been discovered targeting organizations. The multi-stage attack combines social engineering with technical exploitation, highlighting growing concerns about AI-enabled social engineering threats.
RESURGE: Advanced Chinese Malware Targets Ivanti Security Products with Sophisticated Rootkit Features
A dangerous new malware called RESURGE has been discovered exploiting Ivanti Connect Secure devices through a critical vulnerability. The sophisticated attack tool, linked to Chinese cyber espionage groups, introduces advanced persistence capabilities including rootkits and web shells.
Malicious Google Ads Target DeepSeek Users in Sophisticated Malware Campaign
Security researchers uncover a deceptive advertising scheme using Google Ads to spread malware by impersonating the DeepSeek AI platform. The incident highlights growing cybersecurity concerns around AI tools and search result manipulation, prompting increased vigilance when downloading software.
Multi-Language ReaderUpdate Malware Variants Target Apple Systems
A sophisticated malware operation targeting macOS has evolved to include variants written in Crystal, Nim, Rust, and Go programming languages. The expanded capabilities allow for system information collection, remote command execution, and potential pay-per-install operations while employing advanced obfuscation techniques.