Threat Actors Deploy WordPress Malware in ‘mu-plugins’ Directory
Summary: Malicious hackers are exploiting the ‘mu-plugins’ directory in WordPress to conceal malware, which is difficult for standard security checks to detect. Recently identified files, such as redirect.php and index.php, facilitate backdoor access, redirect users to harmful sites, and alter site content. The exploitation often stems from vulnerabilities such as weak credentials and poorly configured server permissions.…
⚡ Weekly Recap: Chrome 0-Day, IngressNightmare, Solar Bugs, DNS Tactics, and More
Summary: This week’s cybersecurity insights highlight vulnerabilities in widely used systems like Chrome and Kubernetes, as well as emerging threats from phishing-as-a-service operations. The coverage includes data leaks, ransomware trends, and the importance of vigilance against common oversights that can lead to security breaches. Additionally, the impact of recent legal cases and developments in AI-driven cyber threats are discussed.…
Daily News Update: Friday, March 28, 2025 (Australia/Melbourne)
A wave of cybersecurity incidents has revealed vulnerabilities across various platforms, affecting developers, healthcare providers, enterprises, and individuals. Notably, npm packages were compromised to steal sensitive information, a critical flaw was patched in Firefox, a ransomware fine was issued to a UK company, and numerous vulnerabilities were identified in solar inverters.…
Red Team Perspective: Known Attack Surface and Potential Risks of GitLab – Security KER – Security Information Platform
This article discusses various known attack surfaces and potential risks associated with GitLab, highlighting a range of vulnerabilities, including Remote Code Execution (RCE), SSRF, XSS, and permission escalation issues. The information covers the history of vulnerabilities, their impact, and famous cases, emphasizing the importance of security measures for self-managed GitLab instances.…
RST TI Report Digest: 31 Mar 2025
This week’s threat intelligence digest analyses multiple cyber threat reports. Key highlights include espionage tactics from APT groups, sophisticated malware deployments, and various Indicators of Compromise (IoCs) detected across platforms. The ongoing evolution of cyber threats emphasizes the adaptive techniques attackers use to infiltrate critical sectors.…
SVC New Stealer on the Horizon
SvcStealer 2025 is a sophisticated information-stealing malware delivered through spear phishing emails. It captures sensitive data from victims, including credentials and cryptocurrency wallet information, and sends it to a command and control (C2) server. With a focus on evading detection, it deletes traces of its activities and can potentially download additional malware.…
Stealthy Snake Keylogger Malware Targets Credentials in Sophisticated Attacks
Summary: Seqrite Labs reports on a malicious campaign using SnakeKeylogger, an advanced info-stealing malware, which employs a multi-stage infection chain and stealthy execution methods to extract sensitive data from victims. The infection begins with malicious spam emails that contain disguised executable files, leading to the deployment of sophisticated payloads that evade detection.…
CISA Adds Google Chromium Mojo Flaw to its Known Exploited Vulnerabilities Catalog
Summary: The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has included a high-severity Google Chromium Mojo sandbox escape vulnerability, CVE-2025-2783, in its Known Exploited Vulnerabilities catalog, following its active exploitation in attacks targeting Russian organizations. Google has released out-of-band fixes for the Chrome browser on Windows, advising all users to update their systems.…
150,000 Sites Compromised by JavaScript Injection Promoting Chinese Gambling Platforms
Summary: A malware campaign has compromised approximately 150,000 websites by injecting malicious JavaScript to redirect users to Chinese-language gambling platforms. These attacks utilize iframe tactics for full-screen overlays, targeting visitors of infected sites. Another related operation, dubbed DollyWay, has affected over 20,000 websites globally by redirecting traffic through a complex network of compromised WordPress sites to various scam pages.…
UK braced for ‘free speech’ row with JD Vance as far-right websites spurn Online Safety Act
Summary: UK officials face potential conflict with the US as far-right social media platforms resist compliance with the Online Safety Act, which aims to curb illegal content. Platforms like Gab and Kiwi Farms have publicly rejected Ofcom’s legal requests, citing concerns over perceived censorship. The British government remains firm on enforcing compliance, risking sanctions against non-compliant platforms despite US backlash.…
Lotus Blossom, also known as Lotus Panda, is a sophisticated Chinese APT group that has conducted cyber espionage for over a decade. It has recently refined its tactics by deploying new Sagerunex backdoor variants that use third-party cloud services and social media for command-and-control. This article examines the group’s tactics, techniques, and procedures, detailing its operational framework and the challenges defenders face against such persistent threats.…
A Deep Dive into Water Gamayun’s Arsenal and Infrastructure
Trend Research details the activities of Water Gamayun, a suspected Russian threat actor exploiting a zero-day vulnerability (CVE-2025-26633) in Microsoft Management Console to deploy malware. Its methods include custom payloads, data exfiltration techniques, and the use of backdoor malware. This campaign poses severe risks to organizations, including data theft and operational disruption.…
Firefox fixes flaw similar to Chrome zero-day used against Russian organizations
Summary: Mozilla has addressed a critical security vulnerability in its Firefox browser, identified as CVE-2025-2857, which could allow attackers to bypass sandbox protections on Windows. This follows a similar vulnerability in Google Chrome that was exploited during espionage attacks in Russia. Currently, there is no evidence that this Firefox flaw has been exploited in the wild.…
Investigative Journalists in Serbia Hit by Advanced Spyware Attack
Summary: Two Serbian journalists from the Balkan Investigative Reporting Network (BIRN) were targeted with Pegasus spyware, confirming a disturbing trend of digital surveillance against civil society in Serbia. This incident marks the third use of Pegasus spyware against Serbian activists in recent years, highlighting the ongoing repression and intimidation faced by journalists.…