Unpatched Windows Zero-Day Flaw Exploited by 11 State-Sponsored Threat Groups Since 2017

18/03/2025 0 Comments 0 tags

An unpatched security flaw impacting Microsoft Windows has been exploited by 11 state-sponsored groups from China, Iran, North Korea, and Russia as part of data theft, espionage, and financially motivated

New Ad Fraud Campaign Exploits 331 Apps with 60M+ Downloads for Phishing and Intrusive Ads

18/03/2025 0 Comments 0 tags

Cybersecurity researchers have warned about a large-scale ad fraud campaign that has leveraged hundreds of malicious apps published on the Google Play Store to serve full-screen ads and conduct phishing

BADBOX 2.0 Botnet Infects 1 Million Android Devices for Ad Fraud and Proxy Abuse

18/03/2025 0 Comments 0 tags

At least four different threat actors have been identified as involved in an updated version of a massive ad fraud and residential proxy scheme called BADBOX, painting a picture of

China-Linked MirrorFace Deploys ANEL and AsyncRAT in New Cyber Espionage Operation

18/03/2025 0 Comments 0 tags

Threat hunters have shed more light on a previously disclosed malware campaign undertaken by the China-aligned MirrorFace threat actor that targeted a diplomatic organization in the European Union with a

How to Improve Okta Security in Four Steps

18/03/2025 0 Comments 0 tags

While Okta provides robust native security features, configuration drift, identity sprawl, and misconfigurations can provide opportunities for attackers to find their way in. This article covers four key ways to

Microsoft Warns of StilachiRAT: A Stealthy RAT Targeting Credentials and Crypto Wallets

18/03/2025 0 Comments 0 tags

Microsoft is calling attention to a novel remote access trojan (RAT) named StilachiRAT that it said employs advanced techniques to sidestep detection and persist within target environments with an ultimate

Apache Tomcat Vulnerability Actively Exploited Just 30 Hours After Public Disclosure

17/03/2025 0 Comments 0 tags

A recently disclosed security flaw impacting Apache Tomcat has come under active exploitation in the wild following the release of a public proof-of-concept (PoC) a mere 30 hours after public

Cybercriminals Exploit CSS to Evade Spam Filters and Track Email Users’ Actions

17/03/2025 0 Comments 0 tags

Malicious actors are exploiting Cascading Style Sheets (CSS), which are used to style and format the layout of web pages, to bypass spam filters and track users’ actions. That’s according

Unpatched Edimax Camera Flaw Exploited for Mirai Botnet Attacks Since Last Year

17/03/2025 0 Comments 0 tags

An unpatched security flaw impacting the Edimax IC-7100 network camera is being exploited by threat actors to deliver Mirat botnet malware variants since at least May 2024. The vulnerability in

SANS Institute Warns of Novel Cloud-Native Ransomware Attacks

17/03/2025 0 Comments 0 tags

The latest Palo Alto Networks Unit 42 Cloud Threat Report found that sensitive data is found in 66% of cloud storage buckets. This data is vulnerable to ransomware attacks. The