From The Hacker News – ⚡ Weekly Recap: Chrome 0-Day, IngressNightmare, Solar Bugs, DNS Tactics, and More
Posted inNews

From The Hacker News – ⚡ Weekly Recap: Chrome 0-Day, IngressNightmare, Solar Bugs, DNS Tactics, and More

Every week, someone somewhere slips up—and threat actors slip in. A misconfigured setting, an overlooked vulnerability, or a too-convenient cloud tool becomes the perfect entry point. But what happens when the hunters become the hunted? Or when old malware resurfaces with new tricks? Step behind the curtain with us this week as we explore breaches born from routine oversights—and the unexpected
From The Hacker News – China-Linked APT Aquatic Panda: 10-Month Campaign, 7 Global Targets, 5 Malware Families
Posted inNews

From The Hacker News – China-Linked APT Aquatic Panda: 10-Month Campaign, 7 Global Targets, 5 Malware Families

The China-linked advanced persistent threat (APT) group. known as Aquatic Panda has been linked to a "global espionage campaign" that took place in 2022 targeting seven organizations. These entities include governments, catholic charities, non-governmental organizations (NGOs), and think tanks across Taiwan, Hungary, Turkey, Thailand, France, and the United States. The activity, which took place
From The Hacker News – Chinese-Linked Attackers Exploit Check Point Flaw to Deploy ShadowPad and Ransomware
Posted inNews

From The Hacker News – Chinese-Linked Attackers Exploit Check Point Flaw to Deploy ShadowPad and Ransomware

A previously unknown threat activity cluster targeted European organizations, particularly those in the healthcare sector, to deploy PlugX and its successor, ShadowPad, with the intrusions ultimately leading to deployment of a ransomware called NailaoLocker in some cases. The campaign, codenamed Green Nailao by Orange Cyberdefense CERT, involved the exploitation of a new-patched security flaw