A high-severity security flaw in Openfire XMPP servers allows unauthorized users to create admin accounts and gain access to restricted areas, potentially leading to remote code execution, with threat actors, including those associated with the Kinsing crypto botnet malware, actively exploiting the vulnerability for over two months.
Netenrich researchers identify TZW ransomware, a derivative of ADHUBLLKA, which specifically targets individuals and small businesses, demanding smaller ransoms.
The Lazarus Group, a North Korea-linked threat actor, has been observed exploiting a critical security flaw in Zoho ManageEngine ServiceDesk Plus to distribute a remote access trojan called QuiteRAT.
Researchers discover a new strain of malware called Smoke Loader that has been active for over a decade and drops a payload called “Whiffy Recon” which uses Wi-Fi triangulation to determine the approximate location of infected systems.
Hackers have been using a zero-day vulnerability in WinRAR’s processing of ZIP files to steal funds from broker accounts, infecting at least 130 traders’ devices and utilizing the DarkMe trojan associated with the EvilNum threat group.
The FBI issues a warning about the Lazarus Group, a North Korean hacking group, responsible for stealing millions of dollars in cryptocurrency and potentially funding the country’s nuclear weapons program.
