Storm-2603 Exploits SharePoint Flaws to Deploy Warlock Ransomware on Unpatched Systems

24/07/2025 CyberGeek 0 Comments 0 tags

Microsoft has revealed that one of the threat actors behind the active exploitation of SharePoint flaws is deploying Warlock ransomware on targeted systems. The tech giant, in an update shared

Read More

Hackers Deploy Stealth Backdoor in WordPress Mu-Plugins to Maintain Admin Access

24/07/2025 CyberGeek 0 Comments 0 tags

Cybersecurity researchers have uncovered a new stealthy backdoor concealed within the “mu-plugins” directory in WordPress sites to grant threat actors persistent access and allow them to perform arbitrary actions. Must-use

Read More

Europol Arrests XSS Forum Admin in Kyiv After 12-Year Run Operating Cybercrime Marketplace

24/07/2025 CyberGeek 0 Comments 0 tags

Europol on Monday announced the arrest of the suspected administrator of XSS.is (formerly DaMaGeLaB), a notorious Russian-speaking cybercrime platform. The arrest, which took place in Kyiv, Ukraine, on July 222,

Read More

Threat Actor Mimo Targets Magento and Docker to Deploy Crypto Miners and Proxyware

23/07/2025 CyberGeek 0 Comments 0 tags

The threat actor behind the exploitation of vulnerable Craft Content Management System (CMS) instances has shifted its tactics to target Magento CMS and misconfigured Docker instances. The activity has been

Read More

New Coyote Malware Variant Exploits Windows UI Automation to Steal Banking Credentials

23/07/2025 CyberGeek 0 Comments 0 tags

The Windows banking trojan known as Coyote has become the first known malware strain to exploit the Windows accessibility framework called UI Automation (UIA) to harvest sensitive information. “The new

Read More

Kerberoasting Detections: A New Approach to a Decade-Old Challenge

23/07/2025 CyberGeek 0 Comments 0 tags

Security experts have been talking about Kerberoasting for over a decade, yet this attack continues to evade typical defense methods. Why? It’s because existing detections rely on brittle heuristics and

Read More

Google Launches OSS Rebuild to Expose Malicious Code in Widely Used Open-Source Packages

23/07/2025 CyberGeek 0 Comments 0 tags

Google has announced the launch of a new initiative called OSS Rebuild to bolster the security of the open-source package ecosystems and prevent software supply chain attacks. “As supply chain

Read More

CISA Warns: SysAid Flaws Under Active Attack Enable Remote File Access and SSRF

23/07/2025 CyberGeek 0 Comments 0 tags

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added two security flaws impacting SysAid IT support software to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation.

Read More

CISA Orders Urgent Patching After Chinese Hackers Exploit SharePoint Flaws in Live Attacks

23/07/2025 CyberGeek 0 Comments 0 tags

The U.S. Cybersecurity and Infrastructure Security Agency (CISA), on July 22, 2025, added two Microsoft SharePoint flaws, CVE-2025-49704 and CVE-2025-49706, to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence

Read More

Microsoft Links Ongoing SharePoint Exploits to Three Chinese Hacker Groups

22/07/2025 CyberGeek 0 Comments 0 tags

Microsoft has formally tied the exploitation of security flaws in internet-facing SharePoint Server instances to two Chinese hacking groups called Linen Typhoon and Violet Typhoon as early as July 7,

Read More