NGINX servers targeted in web traffic hijacking campaign
Attackers modify legitimate NGINX configuration files by injecting malicious “location” blocks.
Cybersecurity News - Page 15
Coinbase confirms insider breach impacting about 30 customers
A contractor improperly accessed customer information affecting approximately 30 users.
Coordinated reconnaissance campaign targeting Citrix NetScaler infrastructure
The activity, tracked between January 28 and February 2, indicates deliberate infrastructure mapping rather than opportunistic crawling.
Multi-stage phishing campaign targets Dropbox credentials via PDF scheme
With valid login details, threat actors can take over accounts, gain internal access or use the data for additional follow-on fraud.
Hackers exploit React Native Metro vulnerability to launch cross-platform attacks
Researchers estimate that approximately 3,500 exposed React Native Metro servers are currently accessible online.
Chinese Lotus Blossom APT linked to Notepad++ supply-chain attack
The threat actor compromised of infrastructure associated with Notepad++ to deliver a previously undocumented backdoor, dubbed Chrysalis.
Russian hackers exploit critical MS Office flaw in attacks on Ukraine, Romania and Slovakia
The campaign, dubbed Operation Neusploit, was observed just three days after Microsoft revealed the flaw.
Malicious packages flood OpenClaw registry in malware campaign
Masquerading as legitimate cryptocurrency trading automation tools, the packages, known as “skills,” deliver data-stealing malware.
Ukraine’s government entities targeted in attacks exploiting recent MS Office flaw
According to CERT-UA, the flaw was weaponized within a day of Microsoft’s disclosure.
Supply chain attack hits Open VSX registry, malicious updates spread via trusted extensions
The malicious updates embedded the GlassWorm malware loader and were pushed to users through normal update mechanisms.
Showing elements 141 - 150