VexTrio, the single largest malicious traffic dealer, operates as part of a large “legal associates program” and has been involved in various malicious campaigns, including distributing the Glupteba malware and orchestrating a widespread attack involving compromised WordPress websites.
The official Twitter account of the US Securities and Exchange Commission (SEC) was hacked in a SIM swap attack, resulting in a false announcement about the approval of Bitcoin Exchange Traded Funds (ETFs) and raising concerns about the use of SMS-based two-factor authentication.
The Australian government, in collaboration with the United States and the United Kingdom, announces criminal penalties for providing assets to Russian cybercriminal Aleksandr Ermakov, who was involved in the 2022 data breach of the Medibank Private network.
Gcore’s latest report highlights a significant rise in DDoS attack volumes, reaching 1.6 Tbps, with the gaming and financial industries being the primary targets.
Apple has released security updates for iPhones, Macs, and Apple TVs to fix a zero-day vulnerability in the WebKit browser engine that allows threat actors to execute arbitrary code by tricking users into visiting a malicious site.
Security experts observe thousands of attempts to exploit a remote code execution vulnerability in outdated Atlassian Confluence servers, allowing for pre-auth template injection remote code execution without authentication.
