SonicWall and Cisco warn of zero-day attacks targeting network security appliances
Attacks involving Cisco SEG and SEWM appliances have been attributed to a suspected Chinese threat group known as UAT-9686.
Cybersecurity News - Page 23
GhostPoster campaign hides malware in Firefox extension logos
The campaign involves at least 17 compromised Firefox extensions that use steganography to conceal a JavaScript loader within PNG logo files.
A major fraud operation dismantled in Ukraine
Scammers allegedly tricked victims into installing remote access software, allowing criminals to steal online banking credentials.
Urban VPN Proxy extension reportedly found harvesting AI chat conversations
The extension includes scripts designed to capture conversations across major platforms such as ChatGPT, Claude, and Gemini.
Chinese Ink Dragon hackers set their sights on Europe, exploit IIS and SharePoint flaws
The attack starts with the attackers gaining initial access via ViewState deserialization or ToolShell-based exploits, then deploy ShadowPad on the compromised server.
New BlackForce phishing kit uses advanced MFA bypass
BlackForce is designed to steal user credentials and conduct Man-in-the-Browser (MitB) attacks.
React2Shell flaw exploited to deploy KSwapDoor and ZnDoor backdoors
Attackers are abusing the flaw to achieve remote code execution in applications using React Server Components.
Critical FortiGate flaws come under active exploitation
Arctic Wolf said it observed active intrusions involving malicious single sign-on (SSO) logins on December 12.
Years-long Russian cyberespionage campaign targets Western critical infrastructure
The activity has been observed between 2021 and 2025 and has been attributed “with high confidence” to Russia’s GRU.
Phishing campaign targets Russian organizations with Phantom Stealer
Phantom Stealer is capable of harvesting sensitive data from cryptocurrency wallets, browsers, and desktop apps.
Showing elements 221 - 230