Critical SimpleHelp Vulnerability Exploited For Malware Delivery
Attackers exploited a critical SimpleHelp RMM bug to deploy TaskWeaver and Djinn Stealer malware
Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.
Search across headline titles and summaries.
Weekly headline count for the current query.
Attackers exploited a critical SimpleHelp RMM bug to deploy TaskWeaver and Djinn Stealer malware
Backdoor malware Auto-Color targets Linux systems, exploiting SAP NetWeaver flaw CVE-2025-31324
CISA recommends immediate action to address malware variant RESURGE exploiting Ivanti vulnerability CVE-2025-0282
Murdoc_Botnet used Mirai malware to exploit IoT vulnerabilities, targeting devices globally
The FBI has issued a warning about the Hiatus RAT malware targeting Xiongmai and Hikvision web cameras and DVRs, urging users isolate these devices from networks
SmokeLoader malware identified targeting Taiwanese firms via phishing, exploiting Microsoft Office vulnerabilities
Microsoft urges macOS users to apply a fix for the vulnerability, which it believes may be under active exploitation by the Adload malware family
Threat actors are exploiting a vulnerability found in CCTV cameras used in critical infrastructure to spread a Mirai malware variant
The group has been observed exploiting vulnerabilities through SQL injection attacks since 2022
Rapid7 warned that users of Justice AV Solutions (JAVS) Viewer v8.3.7 recording software are at high risk of stolen credentials and having malware installed
Palo Alto Networks observed growing malware-initiated vulnerability scanning activity
The actor utilizes custom Linux malware to pursue financial gain, according to Check Point Research
Cado said the payloads facilitated RCE attacks by leveraging common misconfigurations and known vulnerabilities
The flaw allows the installation of malware that operates at the firmware level
Discovered by Cado Security, the campaign deploys two containers to vulnerable Docker instances
Identified as CVE-2023-46604, the vulnerability has a CVSS score of 9.8
QuiteRAT, the North-Korea-Backed group’s new malware, exploits a 2022 ManageEngine ServiceDesk vulnerability
The tool can craft phishing emails, create undetectable malware and identify vulnerable sites
Fortinet suggests attackers are leveraging vulnerabilities like CVE-2021-40444 and CVE-2022-30190
Investigating the ESG bug, Rapid7 assumed the presence of persistent malware hindering device wipes