Tag: emerging threats
3132 articles

Malware Infiltrates Leaked Claude Code Downloads
Tens of thousands of people who downloaded the leaked Claude Code over the last week unknowingly installed credential-stealing malware, including Vidar stealer and GhostSocks, alongside the purported source code. This digital trap turned what seemed like open-source gold into a digital pickpocket, putting sensitive information at risk.

Banks Overhaul Anti-Money Laundering as Instant Payments Scale
As instant payments scale, banks are racing to overhaul their anti-money laundering strategies to keep up with the lightning-fast pace of transactions that clear in the blink of an eye. With the Federal Reserve's recent move to lift transaction limits to $10 million, financial institutions must now make high-stakes AML decisions in real-time.

Hasbro Hit by Data Breach, Disrupting IT Operations
Hasbro, the iconic toymaker behind beloved brands like Transformers, Peppa Pig, and Monopoly, has suffered a significant data breach that's disrupted its IT operations and may cause weeks-long delays in getting toys to eager kids and retailers. Despite the setback, Hasbro assures that it can still receive orders and ship products, but warns of potential delays.

Residential Proxies Bypass IP Reputation Checks in Most Sessions
Residential proxies are making it increasingly difficult for defenders to block threats, as they bypass IP reputation checks in a staggering 78% of cases, blending in with ordinary home users. This alarming trend is blurring the lines between attackers and legitimate users, making it harder to keep malicious traffic at bay.

Storm Infostealer Decrypts Credentials to Evade Detection
Meet Storm, a sneaky new infostealer that's taking password theft to the next level by remotely decrypting stolen credentials, allowing hackers to slip past security defenses undetected. This game-changing tactic lets stolen passwords be used immediately, bypassing local security controls that would normally sound the alarm.

GitHub Exploited in Sophisticated Malware Campaign
Malicious actors have launched a sophisticated malware campaign that exploits GitHub as a covert command-and-control channel, using trusted platforms to evade detection and wreak havoc on unsuspecting organizations. This multi-stage threat employs LNK files, embedded decoders, and PowerShell to establish persistence and exfiltrate sensitive data.

Akira Ransomware Executes Attacks in Under 60 Minutes
Akira ransomware has become alarmingly efficient, capable of executing a full-scale attack in under 60 minutes - leaving organizations with an incredibly tight window to detect and respond to threats. This lightning-fast strike highlights the urgent need for robust security measures to counter the rapidly evolving ransomware landscape.

Bugs Chain Into Massive Backdoors, Threats Multiply
When small flaws are linked together, they can create massive backdoors - and the latest ThreatsDay Bulletin is sounding the alarm on this rapidly escalating threat landscape. The result? A multiplying list of active problems demanding attention now.

Threat Actors Exploit Vacant Homes to Intercept Mail for Fraud
Threat actors are exploiting vacant homes as postal drop points to intercept and manipulate mail, converting a traditional weakness into a powerful tool for fraud. This emerging hybrid scam combines physical-world tactics with digital deception, allowing criminals to fabricate identities and wreak havoc on unsuspecting victims.

Apple Bolsters iOS Security to Counter DarkSword Web Exploit Kit
Apple just took a major step to safeguard its users by expanding its iOS security update to include older devices, shielding them from the DarkSword web exploit kit. This move ensures that users with older devices, as well as enterprises relying on long-lived hardware, receive crucial protection against potential threats.

Stryker Recovers from Data-Wiping Cyberattack Claimed by Handala Hackers
In a remarkable comeback, Stryker Corporation has bounced back to full operation just three weeks after a devastating data-wiping cyberattack, claimed by the Iranian-linked Handala hacktivist group, erased many of its systems. The global medical-technology giant has successfully restored its operations, showcasing resilience in the face of cyber threats.

Progress ShareFile Flaws Enable Pre-Auth RCE Attacks
When the tool designed to safeguard confidential documents becomes a vulnerability, data theft can occur without a single login credential. Progress ShareFile's two chained flaws allow for pre-authentication remote code execution attacks, putting sensitive files at risk of unauthorized exfiltration.

Fake ISO Installers Spread RATs, Crypto Miners in Global Campaign
Beware of fake ISO installers that masquerade as legitimate software, but secretly unleash a malicious payload of RATs, crypto miners, and CPA fraud on unsuspecting victims. For over two years, a financially motivated operation, codenamed REF1695, has been quietly spreading malware through these Trojan horses.

Google Exposes Sophisticated iPhone Hacking Tool Likely Tied to US Government
Imagine a single website visit being all it takes to secretly install malware on your iPhone, bypassing every defense along the way - that's the alarming reality uncovered by Google's security researchers. They've discovered a sophisticated hacking tool, dubbed Coruna, that exploits 23 iOS vulnerabilities to silently compromise devices.

Cisco Patches Authentication Bypass in Integrated Management Controller
Cisco just patched a critical vulnerability in its Integrated Management Controller that lets attackers bypass authentication and gain Admin access - essentially, walk right past the lock on the network's control panel. This fix is a must-have for any Cisco IMC users looking to keep their network secure.

WhatsApp Warns Italian Users of Spyware Delivered via Fake iOS App
WhatsApp has alerted around 200 users, mostly in Italy, about a sneaky spyware attack that hit them after they downloaded a fake version of the app for iOS. This alarming incident raises a crucial question: how can you trust that the app on your phone is genuine?

Microsoft Probes Outlook Disruption Tied to Email Delivery Issues
Microsoft is investigating a frustrating issue affecting Classic Outlook users, preventing them from sending emails via Outlook.com due to a bug linked to broader email delivery problems. The disruption is causing inconvenience for users relying on seamless communication.

F5 BIG-IP Instances Vulnerable to Ongoing RCE Attacks
With over 14,000 F5 BIG-IP Access Policy Manager instances exposed online, a critical vulnerability is putting countless systems at risk of remote code execution attacks. Attackers are actively exploiting this flaw, making it crucial for organizations to take immediate action to protect themselves.

OT Attacks Threaten £5m Downtime Hit on CNI Firms
A single cyberattack on operational technology systems could cripple critical infrastructure providers, causing up to £5m in downtime losses and days of operational paralysis. For organisations that underpin essential services, the stakes have never been higher.

Coffee Machines Expose Corporate Networks to Hacking Risks
Your daily cup of coffee might be putting your company's network at risk of a massive breach, thanks to the humble coffee machine's connection to the internet. Connected devices like these can unwittingly create a backdoor for hackers into an otherwise secure environment.

Google Tightens Android App Verification for Sideloaded Software
Google is shaking things up in the mobile world by introducing a new requirement for Android apps installed outside its official store: developers must now verify their identity to ensure user safety. This move aims to strike a balance between platform openness and protection from potential harm.

Mercor Hit in Widespread LiteLLM Supply-Chain Attack
Thousands of companies, including AI hiring startup Mercor, have been hit by a widespread LiteLLM supply-chain attack, marking the first publicly disclosed downstream casualty of a software supply-chain intrusion. This incident raises a critical question: how can organizations trust their tech toolchains when the chain itself can be compromised?

CrystalRAT Malware Emerges with Advanced RAT and Data Theft Capabilities
Meet CrystalRAT, a powerful malware-as-a-service that's being sold on Telegram, capable of giving outsiders remote control of your computer, stealing sensitive files, recording every keystroke, and even hijacking your clipboard. This malicious tool is a nightmare come true, and its emergence poses a serious threat to online security.

Hackers Exploit TrueConf Flaw to Deploy Malicious Updates
Imagine the video conferencing platform you rely on to connect with your team being turned against you, allowing hackers to spread malicious software to everyone in the room. A recently discovered zero-day flaw in TrueConf's update mechanism has been exploited by threat actors to deliver and execute malicious files on connected devices.