Careto: A Notorious Threat Group Targets Windows with Microphone Recording and File Theft
Recent research links The Mask group to a 2022 attack on a Latin American organization, exploiting an MDaemon email server and WorldClient webmail for persistent access. The initial compromise method [...]
New VIPKeyLogger in Office Docs Steals Credentials
VIPKeyLogger, similar to the Snake Keylogger, spreads through phishing campaigns via attachments disguised as archive or Microsoft 365 files. It uses malicious Office documents to connect to C2 servers and [...]
Hackers Exploit Windows Management Console for Backdoor Payloads
The FLUX#CONSOLE campaign exploits .MSC files to deploy backdoor malware, highlighting advanced phishing and Windows feature abuse. The FLUX#CONSOLE campaign is a multi-stage attack aimed at delivering backdoor malware. It [...]
Malicious ads on CAPTCHA pages spread password stealers
Cybercriminals are using fake CAPTCHA pages to spread password-stealing malware. These fake CAPTCHAs, often appearing as pop-ups, trick users into running harmful PowerShell commands through malicious ads, mimicking legitimate verification [...]
Hackers exploit Apache Struts2 flaw to upload malware
Hackers are exploiting a new Apache Struts2 vulnerability (CVE-2024-53677) with a critical CVSS score of 9.5, posing severe risks. Apache Struts2 flaw Apache Struts2 recently announced a vulnerability with path-traversal, [...]
FHN 
