Palo Alto Networks unearthed an ongoing email campaign by Emotet operators, which now propagates through malicious Excel files while also implementing other obfuscation techniques. For this, attackers have used email thread hijacking and some other attack tactics. Experts revealed they have been delivering an Excel file with an obfuscated Excel 4.0 macro via socially engineered […]

SonarSource researchers, who discovered the bugs, noted that Zabbix is a high-profile target for threat actors due to its popularity, features, and its privileged position in most company’s networks.

The vulnerability is tracked as CVE-2022-22945 and it has a CVSS score of 8.8. VMware described it as a CLI shell injection vulnerability affecting the product’s NSX Edge appliance component.

Cisco devices are used throughout the DoD, the defense industrial base, and national security systems, and any unsecured credentials on these devices could lead to entire networks getting compromised.

Windows machines located in South Korea have been targeted by a botnet tracked as PseudoManuscrypt since at least May 2021 by employing the same delivery tactics of another malware called CryptBot.

One of the more common infections that seen is the site-wide redirects to spam and scam sites, achieved by attackers exploiting newly found vulnerabilities in popular WordPress plugins.

The White House blamed Russia for this week’s cyberattacks targeting Ukraine’s defense ministry and major banks and warned of the potential for more significant disruptions in the days ahead.

A new Golang-based botnet under active development has been ensnaring hundreds of Microsoft Windows devices each time its operators deploy a new command and control (C2) server.

A new WordPress plugin vulnerability is now putting millions of WordPress users at risk. This security issue is specifically found on UpdraftPlus, a cloning plugin for WordPress.