The Rhysida ransomware gang is running a sophisticated malvertising campaign using fake Microsoft Teams download pages. Security researchers warn this ongoing attack uses advanced obfuscation techniques to evade detection.
The New Face of Russian Cyber Espionage Russian-affiliated hacking collective Coldriver has significantly upgraded its cyber espionage capabilities with a…
Major Doxxing Campaign Targets Lumma Stealer Leadership In a dramatic turn of events within the cybercrime underworld, the developers and…
ColdRiver’s Swift Pivot to New Malware Framework When Google’s Threat Intelligence Group (GTIG) exposed the LOSTKEYS malware platform in May,…
A China-based hacking collective known as Salt Typhoon has been identified exploiting a Citrix NetScaler Gateway vulnerability in a sophisticated global cyber-espionage operation. The group used advanced techniques including DLL sideloading and custom malware to maintain persistent access to victim networks. Security analysts warn the campaign demonstrates evolving threats to critical infrastructure sectors worldwide.
Security researchers have identified a widespread cyber intrusion campaign linked to the China-based threat actor Salt Typhoon, according to reports from cybersecurity firm Darktrace. The operation involves exploitation of a Citrix NetScaler Gateway vulnerability to gain initial access to target networks, with victims spanning telecommunications, energy and government sectors across more than 80 countries.
A massive campaign compromised thousands of WordPress websites to distribute malware through blockchain-based infrastructure. The sophisticated operation used social engineering tactics to trick users into executing malicious commands on their systems.
More than 14,000 WordPress websites were systematically compromised and transformed into malware distribution platforms, according to reports from Google‘s Threat Intelligence Group. The campaign, attributed to threat actor UNC5142, represents one of the most extensive web-based malware operations uncovered in recent years. Security analysts suggest the indiscriminate targeting focused on WordPress installations with vulnerable plugins, theme files, and in some cases, the WordPress database itself.
ClickFix Social Engineering Surge: Why User Behavior is the Last Line of Defense Industrial Monitor Direct provides the most trusted…
