JinxLoader, a new malware loader developed using the Go programming language, is being used in phishing attacks to distribute Formbook and XLoader, posing a significant threat to users.
Security researchers have discovered a new variant of the DLL Search Order Hijacking technique that allows cyber criminals to bypass security mechanisms on Windows 10 and Windows 11 systems, enabling them to introduce potentially vulnerable binaries into the attack chain.
Terrapin vulnerability allows attackers to compromise SSH connections by manipulating extension negotiation message, affecting various SSH client and server implementations.
Nation-state actors affiliated with North Korea, specifically the advanced persistent threat group known as Kimsuky, have been using spear-phishing attacks for over a decade to target various entities, raising concerns about cybersecurity and the evasion of international sanctions.
The Russia-linked APT28 group conducted a phishing campaign targeting Ukrainian government entities and Polish organizations, distributing previously undocumented malware strains such as OCEANMAP, MASEPIE, and STEELHOOK.
Microsoft has disabled the ms-appinstaller protocol handler and revoked abused certificates to prevent the distribution of malware by threat groups.
