September 25, 2024 – In a recent alarming discovery, cybersecurity researchers have identified the Necro Trojan malware embedded in two popular Android apps available on the Google Play Store. This malware has already infected over 11 million devices, raising significant concerns about the security of apps on the Play Store and the potential risks to…

September 24, 2024 – In a concerning development for the cybersecurity community, researchers have uncovered a new malware strain named PondRAT, which is being distributed through compromised Python packages. This sophisticated attack, attributed to North Korean threat actors, specifically targets software developers and poses significant risks to the software supply chain. The Discovery The malicious campaign was…

Kanpur, India – September 23, 2024 – A sophisticated cyber-espionage campaign orchestrated by a China-linked group, dubbed “Earth Baxia,” has been uncovered, targeting several Asia-Pacific (APAC) nations. The attackers exploited a vulnerability in the open-source GeoServer software, identified as CVE-2024-36401, to deploy the EAGLEDOOR malware, compromising critical infrastructure and government agencies across the region12. The Attack Vector…

September 20, 2024 – In a significant victory against cybercrime, Europol has successfully dismantled a major phishing network known as iServer. This international operation, codenamed “Operation Kaerb,” targeted a phishing-as-a-service (PhaaS) platform that had been exploiting mobile phone credentials on a massive scale. The iServer platform, primarily operated by Spanish-speaking criminals, was responsible for unlocking…

September 19, 2024 – In a concerning development for cybersecurity professionals, Ivanti has disclosed that a critical vulnerability in its Cloud Service Appliance (CSA) is being actively exploited by threat actors. The vulnerability, tracked as CVE-2024-8963, allows attackers to bypass admin authentication and execute arbitrary commands on unpatched appliances12. Details of the Vulnerability The flaw affects Ivanti…

September 18, 2024 – Cybersecurity researchers have uncovered a massive new botnet, dubbed “Raptor Train,” which has compromised over 200,000 Internet of Things (IoT) devices globally. This botnet, believed to be operated by a Chinese nation-state threat actor known as Flax Typhoon, has been active for several years, targeting critical infrastructure and various organizations worldwide12. Botnet Details…

September 18, 2024 – SolarWinds has released a critical patch for its Access Rights Manager (ARM) software, addressing a severe remote code execution (RCE) vulnerability. The flaw, identified as CVE-2024-28991, has been rated with a critical severity score of 9.0 out of 10, highlighting the urgency for users to update their systems immediately12. Vulnerability Details The vulnerability,…

September 16, 2024 – In a concerning development, cybersecurity experts have raised alarms over North Korean hackers targeting cryptocurrency users on LinkedIn using a sophisticated malware known as RustDoor. This alarming trend highlights the increasing sophistication of cyber threats aimed at the financial sector, particularly decentralized finance (DeFi) and cryptocurrency businesses. The Nature of the Attack…

September 16, 2024 – Oracle WebLogic Server, a key platform for developing and managing enterprise applications, has become the latest target of a new Linux malware named “Hadooken.” This malware, discovered by Aqua Nautilus researchers, is exploiting weak admin credentials to infiltrate systems. Malware Details Hadooken malware is designed to exploit Oracle WebLogic servers by leveraging…

In a notable cyber fraud case, a human resources manager of a US-based IT company was scammed into buying Apple gift cards worth Rs 10 lakh. According to The Indian Express, cybercriminals, posing as the company’s CEO, tricked the manager into thinking these purchases were required as gifts for employees. This scam, a type of “whale…