A recent cyberattack revealed a new method used by hackers: they bypassed Windows Defender policies using WinDbg Preview. This app, developed by Microsoft and available on the Microsoft Store, is mainly a debugging tool, but attackers repurposed it to launch stealthy attacks. This breach shows how even trusted software can …
Adobe ColdFusion Security Update: 11 Critical Flaws Patched
In a significant security update that has stirred the cybersecurity community, Adobe has patched a total of 30 vulnerabilities in its ColdFusion platform. Among these, 11 are rated as critical, drawing immediate attention from security researchers and enterprise IT administrators worldwide. ColdFusion, Adobe’s long-standing web application development platform, has been …
Supply Chain Attack: PyPI Malware Steals Sensitive Info
What Happened? In a startling revelation, cybersecurity researchers have discovered a series of malicious Python packages uploaded to PyPI (Python Package Index), the official repository for Python libraries. These packages were downloaded more than 39,000 times, spreading stealth malware to unsuspecting developers around the globe. This campaign is part of …
FIN7 Exploits SharePoint to Deploy Anubis Backdoor
Cybercriminal groups are constantly evolving their tactics to breach enterprise networks, and FIN7 is no exception. The notorious hacking group, known for its financially motivated cyberattacks, has recently been observed deploying the Anubis backdoor to hijack Windows systems. This latest campaign involves exploiting compromised Microsoft SharePoint sites to distribute malicious …
Fileless Cryptojacking Campaign Exploits 1k+ PostgreSQL Servers
A recent large-scale cyberattack has compromised over 1,500 PostgreSQL servers in a sophisticated fileless cryptocurrency mining campaign. The attackers exploit weak security configurations to deploy cryptojacking malware, which hijacks computing resources to mine cryptocurrencies without the knowledge or consent of the server owners. This incident underscores the growing threat to …
Earth Alux: China-Linked APT Uses VARGEIT & COBEACON
Recent cybersecurity investigations have revealed a series of highly sophisticated cyber intrusions attributed to a threat actor group known as “Earth Alux.” This group, believed to be linked to China, has been engaging in prolonged and stealthy cyber-espionage operations, targeting organizations worldwide. Their use of advanced malware tools—VARGEIT and COBEACON—demonstrates …