MostereRAT Phishing Campaign Uses Advanced Evasion to Deliver Stealthy Remote Access Malware
The attack leverages obscure programming languages, mTLS-secured C2, and Windows privilege abuse to achieve persistence and evade detection.
The Latest
Docker API Exploits Evolve Into Botnet-Building Malware With Persistent Access
Attackers are shifting from cryptomining to building a multi-vector botnet that can replicate, persist, and prepare for broader attacks.
Microsoft September Patch Tuesday Fixes 81 Flaws, Including Two Zero-Days
The update addresses nine critical bugs and two publicly disclosed vulnerabilities in Windows SMB and SQL Server.
Adobe Issues Emergency Patch for ‘SessionReaper,’ One of the Most Severe Magento Flaws Ever
The critical bug could let attackers hijack customer accounts without authentication through Adobe Commerce and Magento REST APIs.
SAP Patches 21 Vulnerabilities, Including Three Critical Flaws in NetWeaver
The September fixes include a maximum-severity bug that could let attackers execute arbitrary commands via exposed SAP NetWeaver components.
Plex Urges Password Resets After Latest Data Breach Exposes User Credentials
The streaming service confirmed attackers accessed usernames, emails, and hashed passwords, marking the second major breach in three years.
Massive Scans Target Cisco ASA Devices, Raising Fears of Imminent Exploit
A surge in reconnaissance activity against Cisco ASA devices may foreshadow the disclosure of a new vulnerability, researchers warn.
GhostAction Supply Chain Attack Leaks 3,325 Secrets from GitHub Projects
The attack exploited compromised maintainer accounts to silently inject malicious GitHub Actions workflows into hundreds of repositories.
Lovesac Discloses Data Breach Linked to RansomHub Ransomware Attack
Hackers infiltrated Lovesac's internal systems for over two weeks, stealing personal data and prompting a RansomHub ransomware extortion attempt.
Scammers Exploit Apple iCloud Calendar to Deliver Callback Phishing Emails
A new phishing scheme uses legitimate Apple email infrastructure to bypass spam filters and trick victims into calling fake support…
Phishing in Plain Sight: Malicious SVG Files Impersonate Colombia’s Judiciary to Spread Malware
VirusTotal’s AI-enhanced detection revealed an SVG-based phishing campaign that slipped past traditional antivirus tools by disguising malicious portals as official judicial sites.
Nx ‘s1ngularity’ NPM Attack Exposes Thousands of Secrets via AI-Powered Credential Theft
Attackers used AI prompt engineering to enhance a supply chain attack that compromised thousands of GitHub accounts and repositories through…
Malicious npm Packages Impersonate Flashbots to Steal Ethereum Wallet Credentials
Newly discovered npm packages targeting Ethereum developers disguise themselves as trusted cryptographic tools while stealthily exfiltrating private keys and mnemonic…
CastleRAT and CastleLoader: Inside TAG-150’s Expanding Malware Arsenal
The powerful new remote access trojan with Python and C variants shows TAG-150's growing sophistication in delivering modular, evasive malware…
Spotlight
Wealthsimple Discloses Data Breach Exposing Private Customer Information
A software supply chain compromise exposed sensitive personal data of Wealthsimple clients, though funds and passwords remain secure.
Argo CD Flaw Exposes Git Credentials via Low-Level API Tokens
Even minimal project-level permissions can now unlock sensitive repository credentials in unpatched versions of the tool.
SAP S/4HANA Code Injection Flaw Under Active Exploitation, Patch Now Urged
Researchers warn that unpatched systems are already being breached as attackers weaponize the flaw against exposed SAP servers.
Legacy Sitecore Flaw Exploited to Deliver WeepSteel Reconnaissance Malware
Attackers are abusing a misconfiguration in outdated Sitecore deployments to gain remote code execution and establish long-term access.
Features
Bridgestone Probes Cyber Attack Disrupting North American Manufacturing Facilities
The tire giant says it contained the incident early, but ongoing disruptions raise concerns about supply chain impacts.
APT28’s NotDoor Backdoor Turns Microsoft Outlook Into a Covert Command Channel
The stealthy macro-based backdoor abuses Outlook’s event hooks and email triggers to quietly exfiltrate data and execute commands without raising…
New GhostRedirector Threat Cluster Targets IIS Servers for SEO Fraud and Persistent Access
An emerging China-linked threat actor is hijacking legitimate servers worldwide to boost shady websites in search results—and quietly maintain access…
Cybercriminals Exploit X’s Grok AI to Spread Malicious Links in New “Grokking” Campaign
By manipulating metadata fields in promoted videos and leveraging X's own AI chatbot, attackers have found a clever way to…
Malicious npm Packages Use Ethereum Smart Contracts to Conceal Malware Payloads
A new malware campaign blends blockchain and open source deception, using Ethereum smart contracts to stealthily deliver downloader malware through…
AI Tool HexStrike Co-opted by Threat Actors to Accelerate Exploitation of New Vulnerabilities
Originally built for ethical hacking, HexStrike AI is now being turned into an engine for real-world cyberattacks.
