Ransomware gang abuses Microsoft Teams relays to hide malicious traffic
… The hacker also used ABYSSWORKER, a custom malicious driver masquerading as a legitimate Palo Alto driver. …
Search
Hackers exploit info disclosure bug in Gravity SMTP WordPress plugin
… Get the whitepaper Related Articles: Critical Everest Forms Pro flaw exploited to take over WordPress sites WP Maps Pro bug exploited to create admin accounts on WordPress sites Hackers exploit auth bypass flaw in Burst Statistics WordPress plugin Hackers exploit file upload bug in Breeze Cache Wor… …
Hackers abuse Google ads for GoDaddy ManageWP login phishing
… Unlike the more common phishing pages that capture username and password pairs, the campaign uses a live AiTM setup, as the attacker uses the credentials to log into the platform in real-time. …
GreyVibe hackers use ChatGPT, Gemini to power cyberattacks
… Download Now Related Articles: Ukraine identifies infostealer operator tied to 28,000 stolen accounts Russian hackers turn Kazuar backdoor into modular P2P botnet Fake OpenAI repository on Hugging Face pushes infostealer malware Fake Claude AI website delivers new 'Beagle' Windows malware Hackers a… …
New Shai-Hulud attack trojanizes 19 science-focused PyPI packages
… Get the whitepaper Related Articles: Shai Hulud attack ships signed malicious TanStack, Mistral npm packages New Shai-Hulud malware wave compromises 600 npm packages Popular node-ipc npm package compromised to steal credentials PyPI package with 1.1M monthly downloads hacked to push infostealer New… …
18-year-old NGINX vulnerability allows DoS, potential RCE
… Download Now Related Articles: 13-year-old bug in ActiveMQ lets hackers remotely execute commands Max severity Flowise RCE vulnerability now exploited in attacks CISA: New Langflow flaw actively exploited to hijack AI workflows New critical Exim mailer flaw allows remote code execution Fortinet war… …
Shai Hulud attack ships signed malicious TanStack, Mistral npm packages
… Claim Your Spot Related Articles: PyPI package with 1.1M monthly downloads hacked to push infostealer New npm supply-chain attack self-spreads to steal auth tokens Backdoored PyTorch Lightning package drops credential stealer Hackers compromise Axios npm package to drop cross-platform malware Backd… …