Cybercriminals Exploit Weaponized ZIP Files to Acquire NTLM Hashes
Cyber adversaries utilize ZIP files as a means to weaponize them, leveraging the ease of concealing malicious payloads within compressed archives. This tactic poses a challenge for security systems, as [...]
Malicious npm Packages: North Korean Hackers Targeting Developers
Recent discoveries by Phylum indicate that a series of counterfeit npm packages identified on the Node.js repository are associated with state-sponsored actors from North Korea. Malicious npm Packages The packages [...]
SSH-Snake Malware: Stealing SSH Keys to Expand Network Spread
Threat actors exploit SSH credentials to gain unauthorized access to systems and networks, executing malicious activities by leveraging weak or compromised credentials. The misuse of SSH credentials offers a covert [...]
LiteSpeed Plugin Vulnerability Exposes 5 Million WordPress Sites to Risk
Researchers at Patchstack have issued a warning regarding an unauthenticated site-wide stored XSS vulnerability, identified as CVE-2023-40000, affecting the LiteSpeed Cache plugin for WordPress. LiteSpeed Plugin Vulnerability The LiteSpeed Cache [...]
Xeno RAT Exploits Windows DLL Search to Evade Detection
A newly identified, sophisticated malware coded in C# has emerged. Dubbed Xeno RAT, this malware boasts advanced features such as evasion tactics, payload generation, and an additional layer of threat [...]
FHN 
