CISA: Hackers Continue to Exploit Log4Shell in Unpatched VMware Servers
VMware released patches related to Log4Shell, a vulnerability in a popular Java framework that left countless servers at risk, in December …
Malicious
Threat actors continue to exploit Log4Shell in VMware Horizon Systems
The U.S. CISA and the Coast Guard Cyber Command (CGCYBER) warn of attacks exploiting the Log4Shell flaw in VMware Horizon …
Attackers still exploit Log4Shell on VMware Horizon servers, CISA warns
If your organization is running VMware Horizon and Unified Access Gateway servers and you haven’t implemented the patches or workarounds …
New ‘Quantum’ Builder Lets Attackers Easily Create Malicious Windows Shortcuts
A new malware tool that enables cybercriminal actors to build malicious Windows shortcut (.LNK) files has been spotted for sale on …
Log4Shell Still Being Exploited to Hack VMWare Servers to Exfiltrate Sensitive Data
The U.S. Cybersecurity and Infrastructure Security Agency (CISA), along with the Coast Guard Cyber Command (CGCYBER), on Thursday released …
AA22-174A: Malicious Cyber Actors Continue to Exploit Log4Shell in VMware Horizon Systems
Note: this advisory uses the MITRE ATT&CK for Enterprise framework, version …
Malicious Cyber Actors Continue to Exploit Log4Shell in VMware Horizon Systems
CISA and the United States Coast Guard Cyber Command (CGCYBER) have released a joint Cybersecurity Advisory (CSA) to warn network …
YODA Tool Found ~47,000 Malicious WordPress Plugins Installed in Over 24,000 Sites
As many as 47,337 malicious plugins have been uncovered on 24,931 unique websites, out of which 3,685 plugins were sold on legitimate …
Popular PyPI Package ‘ctx’ and PHP Library ‘phpass’ Hijacked to Steal AWS Keys
Two trojanized Python and PHP packages have been uncovered in what’s yet another instance of a software supply chain attack targeting the …
Malicious Python Repository Package Drops Cobalt Strike on Windows, macOS & Linux Systems
The PyPI “pymafka” package is the latest example of growing attacker interest in abusing widely used open source software …
Snake Keylogger Spreads Through Malicious PDFs
While most malicious e-mail campaigns use Word documents to hide and spread malware, a recently discovered campaign uses a malicious PDF …
Sinister Eternity Malware Kit Is Being Sold On Telegram With Malicious Options Galore
Lately, cybercriminals have been using Telegram to sell malware and other malicious tools as a service. Last month we reported on a …
Nerbian RAT Malware Delivered Using Word Documents That Include Malicious Macro Code
There has been the discovery of a new remote access trojan called Nerbian RAT by the researchers at Proofpoint, which has a number of …