Vulnerabilities

The attacks are leveraging CVE-2024-40766, an improper access control issue affecting SonicWall firewalls.  ​ Read More  ​ 

Gonepostal enables email-based C2 communication, effectively turning the email client into a backdoor.  ​ Read More  ​ 

Liridon Masurica faces a maximum sentence of 10 years in a US prison.  ​ Read More  ​ 

One of the previously disclosed flaws resides in Windows SMB Server and another affects the Newtonsoft.Json library.  ​ Read More  ​ 

Volodymyr Tymoshchuk is alleged to have been involved in compromising over 250 networks in the US, as well as hundreds more globally.  ​ Read More  ​ 

The attackers use the TOR network for anonymity and exploit misconfigured Docker instances to install XMRig.  ​ Read More  ​ 

TAG-150 maintains a large and complex infrastructure, including both victim-facing servers used to control various malware and multi-layered backend servers.  ​ Read More  ​ 

The domains are believed to be part of a long-running campaign to gain long-term access to global organizations.  ​ Read More  ​ 

The maintainer of widely used NPM packages, confirmed his account was hijacked following a sophisticated phishing attack.  ​ Read More  ​ 

The threat actors behind GPUGate used malvertising to display fake ads at the top of Google search results.  ​ Read More  ​ 

The attack saw 327 GitHub accounts compromised, with malicious GitHub Actions workflows injected into 817 repositories.  ​ Read More  ​ 

Successful exploitation gives the attacker the ability to act with administrative privileges in the SAP system.  ​ Read More  ​ 

Using the account, the intruders downloaded content from multiple repositories and then added a guest user and established workflows.  ​ Read More  ​ 

In brief: WhatsApp fixes a flaw used in a spyware campaign, threat actors exploit a zero-day in Sitecore, and more.  ​ Read More  ​ 

The attackers are abusing a sample machine key that was included in Sitecore deployment guides from 2017 and earlier.  ​ Read More  ​