The Quad7 botnet, previously focused on TP-Link routers, now targets a wider range of devices including Zyxel VPN appliances, Ruckus wireless routers, and Axentra media servers, utilizing backdoors with HTTP reverse shells and the KCP communications protocol over UDP.
A critical deserialization vulnerability in Ivanti Endpoint Manager (EPM) enables remote attackers to execute arbitrary code, posing a high risk of compromise to managed endpoints.
Investment scams targeting victims aged 60 and above account for majority of losses, with FBI receiving over 69,000 complaints related to financial fraud and crypto.
Microsoft released a Patch Tuesday update addressing 79 fixes for zero-day vulnerabilities actively exploited by attackers, including remote code execution and elevation of privilege flaws.
PIXHELL attack exploits screen’s acoustic signals to exfiltrate data from air-gapped systems, highlighting vulnerability of traditional security measures.
Chinese-speaking threat actor TIDRONE conducts cyber espionage targeting Taiwan’s military supply chain, utilizing custom malware and supply chain attack tactics.
