The ongoing threat campaign known as VEILDrive is utilizing Microsoft services such as Teams, SharePoint, Quick Assist, and OneDrive in its operations to distribute spear-phishing attacks and store malware.
Novaya Gazeta Europe, an independent Russian news site, faced a series of DDoS attacks causing its website to go offline temporarily. The attacks lasted from Monday to Wednesday, with junk page requests reaching 12 million per minute.
The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent warning about three actively exploited vulnerabilities affecting popular networking and security products.
A critical authentication bypass vulnerability has been disclosed in the Really Simple Security plugin for WordPress that, if successfully exploited, could grant an attacker to remotely gain full administrative access to a susceptible site.
Misconfigurations in Microsoft Power Pages are exposing sensitive data. Excessive access permissions allow unauthorized users to access personal information like employee details and internal files.
The new malware named Glove Stealer can get around Google Chrome's App-Bound encryption to steal browser cookies. Security researchers found this malware during a phishing campaign and noted that it is still in the early stages of development.
Researchers have reported that the Emmenhtal malware loader, first identified in early 2024, employs Living Off the Land Binaries and Scripts (LOLBAS) tactics to evade detection.
Google has stated that scammers are using tactics such as cloaking to impersonate legitimate websites and conduct scams. Cloaking involves showing different content to search engines and users to manipulate search rankings and deceive people.
Ransomware gangs are increasingly targeting weekends and holidays, when cybersecurity teams are typically less staffed, according to a new report. 86% of study participants who experienced a ransomware attack were targeted on a weekend or holiday
Hybrid work models have led to new vulnerabilities in corporate print infrastructure, including insecure and unmanaged printers, inadequate user authentication, exposed local spools, and inconsistent patching practices.
