CISA Adds Second BeyondTrust Flaw to KEV Catalog Amid Active Attacks

14/01/2025 0 Comments 0 tags

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added a second security flaw impacting BeyondTrust Privileged Remote Access (PRA) and Remote Support (RS) products to the Known Exploited

Hackers Exploit Aviatrix Controller Vulnerability to Deploy Backdoors and Crypto Miners

13/01/2025 0 Comments 0 tags

A recently disclosed critical security flaw impacting the Aviatrix Controller cloud networking platform has come under active exploitation in the wild to deploy backdoors and cryptocurrency miners. Cloud security firm

Ransomware on ESXi: The mechanization of virtualized attacks

13/01/2025 0 Comments 0 tags

In 2024, ransomware attacks targeting VMware ESXi servers reached alarming levels, with the average ransom demand skyrocketing to $5 million. With approximately 8,000 ESXi hosts exposed directly to the internet

⚡ THN Weekly Recap: Top Cybersecurity Threats, Tools and Tips [13 January]

13/01/2025 0 Comments 0 tags

The cyber world’s been buzzing this week, and it’s all about staying ahead of the bad guys. From sneaky software bugs to advanced hacking tricks, the risks are real, but

Expired Domains Allowed Control Over 4,000 Backdoors on Compromised Systems

13/01/2025 0 Comments 0 tags

No less than 4,000 unique web backdoors previously deployed by various threat actors have been hijacked by taking control of abandoned and expired infrastructure for as little as $20 per

WordPress Skimmers Evade Detection by Injecting Themselves into Database Tables

13/01/2025 0 Comments 0 tags

Cybersecurity researchers are warning of a new stealthy credit card skimmer campaign that targets WordPress e-commerce checkout pages by inserting malicious JavaScript code into a database table associated with the

Microsoft Sues Hacking Group Exploiting Azure AI for Harmful Content Creation

11/01/2025 0 Comments 0 tags

Microsoft has revealed that it’s pursuing legal action against a “foreign-based threat–actor group” for operating a hacking-as-a-service infrastructure to intentionally get around the safety controls of its generative artificial intelligence

DoJ Indicts Three Russians for Operating Crypto Mixers Used in Cybercrime Laundering

11/01/2025 0 Comments 0 tags

The U.S. Department of Justice (DoJ) on Friday indicted three Russian nationals for their alleged involvement in operating the cryptocurrency mixing services Blender.io and Sinbad.io. Roman Vitalyevich Ostapenko and Alexander

CrowdStrike Warns of Phishing Scam Targeting Job Seekers with XMRig Cryptominer

10/01/2025 0 Comments 0 tags

Cybersecurity company CrowdStrike is alerting of a phishing campaign that exploits its own branding to distribute a cryptocurrency miner that’s disguised as an employee CRM application as part of a

RedDelta Deploys PlugX Malware to Target Mongolia and Taiwan in Espionage Campaigns

10/01/2025 0 Comments 0 tags

Mongolia, Taiwan, Myanmar, Vietnam, and Cambodia have been targeted by the China-nexus RedDelta threat actor to deliver a customized version of the PlugX backdoor between July 2023 and December 2024.