The Hacker News

XWorm 6.0 Returns with 35+ Plugins and Enhanced Data Theft Capabilities

XWorm V6.0 is designed to connect to its C2 server at 94.159.113 [.]64 on port 4411 and supports a command called "plugin" to ...

XWorm malware resurfaces with ransomware module, over 35 plugins

New versions of the XWorm backdoor are being distributed in phishing campaigns after the original developer, XCoder, ...
The Hacker News

New "Cavalry Werewolf" Attack Hits Russian Agencies with FoalShell and StallionRAT

Cybersecurity vendor BI.ZONE is tracking the activity under the moniker Cavalry Werewolf. It's also assessed to have ...
Gadget on MSN

Phishing attacks coming from inside the business

Although phishing activity declined by 40% compared to Q1, it remained the leading initial access method for threat actors, according to a new Cisco Talos report.
Bitdefender

Hackers Use XLL Add-ins and Excel to Deploy CABINETRAT Malware in Ukraine

A group known as UAC-0245 launched a new campaign late last month targeting the Ukrainian government and defense organizations by using XLL files ...
Cyber Daily

Hiding in plain sight: How one Akira affiliate is masking its malicious activity

Akira’s ransomware-as-a-service operation has been highly active in seeking out Australian targets – here’s what network ...

Microsoft: Critical GoAnywhere bug exploited in ransomware attacks

A cybercrime group, tracked as Storm-1175, has been actively exploiting a maximum severity GoAnywhere MFT vulnerability in ...
Infosecurity Magazine

Microsoft: Critical GoAnywhere Bug Exploited in Medusa Ransomware Campaign

First identified in 2021, Medusa has snared over 300 global victims in critical infrastructure sectors, according to a joint ...