Russian APT Deploys New ‘Kapeka’ Backdoor in Eastern European Attacks
A previously undocumented "flexible" backdoor called Kapeka has been "sporadically" observed in cyber attacks targeting Eastern Europe, including Estonia and Ukraine, since at least...
GenAI: A New Headache for SaaS Security Teams
The introduction of Open AI's ChatGPT was a defining moment for the software industry, touching off a GenAI race with its November 2022 release....
Critical Atlassian Flaw Exploited to Deploy Linux Variant of Cerber Ransomware
Threat actors are exploiting unpatched Atlassian servers to deploy a Linux variant of Cerber (aka C3RB3R) ransomware.The attacks leverage CVE-2023-22518 (CVSS score: 9.1), a...
Hackers Exploit Fortinet Flaw, Deploy ScreenConnect, Metasploit in New Campaign
Cybersecurity researchers have discovered a new campaign that's exploiting a recently disclosed security flaw in Fortinet FortiClient EMS devices to deliver ScreenConnect and Metasploit...
Cisco Warns of Global Surge in Brute-Force Attacks Targeting VPN and SSH Services
Cisco is warning about a global surge in brute-force attacks targeting various devices, including Virtual Private Network (VPN) services, web application authentication interfaces, and...
OpenJS Foundation Targeted in Potential JavaScript Project Takeover Attempt
Security researchers have uncovered a "credible" takeover attempt targeting the OpenJS Foundation in a manner that evokes similarities to the recently uncovered incident aimed...
TA558 Hackers Weaponize Images for Wide-Scale Malware Attacks
The threat actor tracked as TA558 has been observed leveraging steganography as an obfuscation technique to deliver a wide range of malware such as...
AWS, Google, and Azure CLI Tools Could Leak Credentials in Build Logs
New cybersecurity research has found that command-line interface (CLI) tools from Amazon Web Services (AWS) and Google Cloud can expose sensitive credentials in build...
Widely-Used PuTTY SSH Client Found Vulnerable to Key Recovery Attack
The maintainers of the PuTTY Secure Shell (SSH) and Telnet client are alerting users of a critical vulnerability impacting versions from 0.68 through 0.80...
Identity in the Shadows: Shedding Light on Cybersecurity’s Unseen Threats
In today's rapidly evolving digital landscape, organizations face an increasingly complex array of cybersecurity threats. The proliferation of cloud services and remote work arrangements...
