Today > 5 Critical | 6 High | 25 Medium vulnerabilities - You can now download lists of IOCs here!
6 attack reports | 84 vulnerabilities
Grandoreiro is a Brazilian banking trojan that has evolved into a global financial threat, targeting over 1,700 banks and 276 crypto wallets in 45 countries. Despite law enforcement efforts, the malware remains active, with new versions featuring enhanced evasion techniques like multiple Domain Gen…
A new phishing campaign targeting Russian-speaking users employs the open-source Gophish framework to deliver DarkCrystal RAT and a novel remote access trojan called PowerRAT. The attack utilizes modular infection chains, either through malicious Microsoft Word documents or HTML files with embedded…
Security researchers have detected new attacks involving the Bumblebee malware loader, just four months after Europol disrupted its operations in Operation Endgame. The malware has resurfaced with updated tactics, using MSI files disguised as legitimate software installers to deliver its payload di…
Akira ransomware has established itself as a prominent threat, constantly evolving its tactics. Initially employing double-extortion, it shifted focus to data exfiltration in early 2024. The group developed a Rust variant of their ESXi encryptor, moving away from C++. Recently, Akira has returned t…
A significant increase in data-stealing malware infections has been observed, with nearly 10 million devices compromised in 2023, marking a 643% rise over three years. Cybercriminals are using sophisticated distribution methods, including malvertising and YouTube comment spam. On average, 50.9 logi…
A malicious actor has been observed targeting Docker remote API servers to deploy the SRBMiner cryptominer for mining XRP cryptocurrency. The attacker utilizes the gRPC protocol over h2c (clear text HTTP/2 protocol) to evade security measures and execute cryptomining operations on Docker hosts. The…