Helix Extortion Group Targets SharePoint with Vishing and Device Code Tactics

The Helix group uses vishing and device code phishing to break into SharePoint, then exfiltrates data for extortion or sale.

The Latest

Breaking News and Alerts

Leaked Server Exposes Mass WordPress Backdoor Operation

Researchers found an attacker's unsecured server containing 800 MB of data, revealing how a webshell brokerage compromised thousands of WordPress sites at scale.

Spotlight

Cybersecurity Profiles and Stories

Threat Actor Claims Theft of 35 GB of Source Code from Accenture

A threat actor claims to have stolen 35 GB of data including source code and credentials from Accenture, but the company says the incident is isolated and remediated.

Remote Crash Vulnerability Discovered in Alibaba’s XQUIC Library for HTTP/3

A single arithmetic error in XQUIC's memory handling during QPACK table resizing lets any remote client crash HTTP/3 servers with normal network traffic.

Rust Based MODBEACON Trojan Relies on gRPC Streaming for Stealthy C2

The memory resident Rust based trojan reuses the transport layer from an open source anti-censorship proxy framework to create encrypted C2 channels.

Page Cache Overflow in Linux FUSE Grants Local Root Access

A local attacker can exploit a page cache overflow in the Linux kernel's FUSE subsystem to gain root privileges by corrupting a SUID binary.

Features

Research and Thought Leadership