Hackers exploit Roundcube flaw to spy on academic researchers
A China-linked threat cluster has been exploiting vulnerable Roundcube servers at U.S. and Canadian universities to steal credentials and deploy backdoor malware. [...]
Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.
Search across headline titles and summaries.
Weekly headline count for the current query.
A China-linked threat cluster has been exploiting vulnerable Roundcube servers at U.S. and Canadian universities to steal credentials and deploy backdoor malware. [...]
Threat Actor Silently Forwarded Sensitive Emails Matching Strategic TopicsGoogle says Chinese espionage group UNC6508 compromised REDCap environments at North American research institutions, deployed custom malware, stole credentials and covertly forwarded strategically relevant emails through abused compliance rules to support long-term intelligence collection.
Microsoft has warned of fresh campaigns that are capitalizing on the upcoming tax season in the U.S. to harvest credentials and deliver malware
Cybersecurity researchers have disclosed details of a new banking malware targeting Brazilian users that's written in Rust, marking a significant departure from other known Delphi-based malware families associated with the Latin American cybercrime ecosystem
Chinese-Linked Malware Campaign Targets Critical Environments With Weak MonitoringU.S. and Canadian cyber authorities say Chinese state-backed actors used a backdoor dubbed BRICKSTORM to maintain long-term access into critical infrastructure, exploiting VMware environments to exfiltrate credentials and evade detection through encrypted covert channels.
Unsealed Complaint Charges Maxim Rudometov With Developing and Selling MalwareAn international crackdown against two prominent strains of information-stealing malware continues, as the U.S. government unsealed an indictment charging Russian national Maxim Rudometov with being a developer and administrator of the Redline infostealer tied to millions of stolen credentials.
Two individuals have been arrested in Australia and the U.S. in connection with an alleged scheme to develop and distribute a remote access trojan called Hive RAT (previously Firebird)
A new large-scale StrelaStealer malware campaign has impacted over a hundred organizations across the United States and Europe, attempting to steal email account credentials. [...]
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) warned that threat actors deploying the AndroxGh0st malware are creating a botnet for "victim identification and exploitation in target networks." A Python-based malware, AndroxGh0st was first documented by Lacework in December 2022, with the malware
A new piece of JavaScript malware has been observed attempting to steal users' online banking account credentials as part of a campaign that has targeted more than 40 financial institutions across the world
A Russian national has been found guilty in connection with his role in developing and deploying a malware known as TrickBot, the U.S. Department of Justice (DoJ) announced
An ongoing campaign is targeting Facebook Business accounts with bogus messages to harvest victims' credentials using a variant of the Python-based NodeStealer and potentially take over their accounts for follow-on malicious activities. "The attacks are reaching victims mainly in Southern Europe and North America across different segments, led by the manufacturing services and technology
A new Android malware campaign has been observed pushing the Anatsa banking trojan to target banking customers in the U.S., U.K., Germany, Austria, and Switzerland since the start of March 2023
An Android banking trojan designed to steal credentials and SMS messages has been observed sneaking past Google Play Store protections to target users of more than 400 banking and financial apps from Russia, China, and the U.S