Fake Kling AI Malvertisements Lure Victims With False Promises
Researchers noted that they found several similar websites, two of which are still operating and require the same kind of behavior on behalf of the victim.
Virgin Media 02 Vuln Exposes Call Recipient Location
A hacker exploiting the security flaw in the mobile provider’s network could have potentially located a call recipient with accuracy of up to 100 square meters.
Tenable Adds Third-Party Connectors to Exposure Management Platform
TenableOne now pulls in data from AWS, Microsoft, and competitors to provide a holistic security view of the organization’s attack surface.
A familiar playbook with a twist: 3AM ransomware actors dropped virtual machine with vishing and Quick Assist
Another adversary picks up the email bombing / vishing Storm-1811 playbook, doing thorough reconnaissance to target specific employees with fake help desk call—this time, over the phone.
Regeneron Pledges Privacy Protection in $256M Bid for 23andMe
Regeneron’s acquisition of 23andMe raises significant privacy concerns as experts warn about the lack of comprehensive federal regulations governing the transfer of genetic information.
Bumblebee Malware Takes Flight via Trojanized VMware Utility
An employee inadvertently downloaded a malicious version of the legitimate RVTools utility, which launched an investigation into an attempted supply chain attack aimed at delivering the recently revived initial-access loader.
Hazy Hawk Exploits DNS Records to Hijack CDC, Corporate Domains for Malware Delivery
A threat actor known as Hazy Hawk has been observed hijacking abandoned cloud resources of high-profile organizations, including Amazon S3 buckets and Microsoft Azure endpoints, by leveraging misconfigurations in the Domain Name System (DNS) records. The hijacked domains are then used to host URLs that direct users to scams and malware via traffic distribution systems…
Large Retailers Land in Scattered Spider’s Ransomware Web
The threat group games IT help desks to gain entry into retailer networks, and signs show it has shifted its attention from the UK to US targets.
100+ Fake Chrome Extensions Found Hijacking Sessions, Stealing Credentials, Injecting Ads
An unknown threat actor has been attributed to creating several malicious Chrome Browser extensions since February 2024 that masquerade as seemingly benign utilities but incorporate covert functionality to exfiltrate data, receive commands, and execute arbitrary code. “The actor creates websites that masquerade as legitimate services, productivity tools, ad and media creation or analysis
Chinese Hackers Deploy MarsSnake Backdoor in Multi-Year Attack on Saudi Organization
Threat hunters have exposed the tactics of a China-aligned threat actor called UnsolicitedBooker that targeted an unnamed international organization in Saudi Arabia with a previously undocumented backdoor dubbed MarsSnake. ESET, which first discovered the hacking group’s intrusions targeting the entity in March 2023 and again a year later, said the activity leverages spear-phishing emails using