From The Hacker News – Over 1,500 PostgreSQL Servers Compromised in Fileless Cryptocurrency Mining Campaign
Posted inNews

From The Hacker News – Over 1,500 PostgreSQL Servers Compromised in Fileless Cryptocurrency Mining Campaign

Exposed PostgreSQL instances are the target of an ongoing campaign designed to gain unauthorized access and deploy cryptocurrency miners. Cloud security firm Wiz said the activity is a variant of an intrusion set that was first flagged by Aqua Security in August 2024 that involved the use of a malware strain dubbed PG_MEM. The campaign has been attributed to a threat actor Wiz tracks as
From The Hacker News – Hackers Exploit Severe PHP Flaw to Deploy Quasar RAT and XMRig Miners
Posted inNews

From The Hacker News – Hackers Exploit Severe PHP Flaw to Deploy Quasar RAT and XMRig Miners

Threat actors are exploiting a severe security flaw in PHP to deliver cryptocurrency miners and remote access trojans (RATs) like Quasar RAT. The vulnerability, assigned the CVE identifier CVE-2024-4577, refers to an argument injection vulnerability in PHP affecting Windows-based systems running in CGI mode that could allow remote attackers to run arbitrary code. Cybersecurity company
From The Hacker News – Trojanized Game Installers Deploy Cryptocurrency Miner in Large-Scale StaryDobry Attack
Posted inNews

From The Hacker News – Trojanized Game Installers Deploy Cryptocurrency Miner in Large-Scale StaryDobry Attack

Users who are on the lookout for popular games were lured into downloading trojanized installers that led to the deployment of a cryptocurrency miner on compromised Windows hosts. The large-scale activity has been codenamed StaryDobry by Russian cybersecurity company Kaspersky, which first detected it on December 31, 2024. It lasted for a month. Targets of the campaign include individuals and