China-linked Lotus Blossom APT targets governments and industries in Asian countries with new Sagerunex backdoor variants. Talos researchers linked China-backed Lotus Blossom APT (also known as Elise and Esile) to multiple campaigns targeting organizations in sectors such as government, manufacturing,…
Tag: Security Affairs
China-linked APT Silk Typhoon targets IT Supply Chain
Microsoft warns that China-backed APT Silk Typhoon linked to US Treasury hack, is now targeting global IT supply chains, using IT firms to spy and move laterally. Microsoft reported that China-linked APT group Silk Typhoon has shifted tactics to target…
Hunters International gang claims the theft of 1.4 TB of data allegedly stolen from Tata Technologies
Ransomware group Hunters International claims to have hacked Tata Technologies, threatening to leak 1.4 TB of stolen data. The Hunters International ransomware group claimed to have breached the Indian multinational technology company Tata Technologies, a Tata Motors subsidiary. The group…
New Eleven11bot botnet infected +86K IoT devices
The Eleven11bot botnet has infected over 86,000 IoT devices, mainly security cameras and network video recorders (NVRs). Researchers from Nokia Deepfield Emergency Response Team (ERT) discovered a new botnet named Eleven11bot that has already infected over 86,000 IoT devices. Most…
Polish Space Agency POLSA disconnected its network following a cyberattack
The Polish space agency POLSA announced it has disconnected its network from the internet following a cyberattack. The Polish space agency POLSA was forced to disconnect its network from the internet in response to a cyberattack. The agency revealed that…
U.S. CISA adds Linux kernel and VMware ESXi and Workstation flaws to its Known Exploited Vulnerabilities catalog
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Linux kernel and VMware ESXi and Workstation flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added the following vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog: The…
VMware fixed three actively exploited zero-days in ESX products
Broadcom has addressed three VMware zero-day vulnerabilities in ESX products that are actively exploited in the wild. Broadcom released security updates to address three VMware zero-day vulnerabilities in ESX products that are actively exploited in the wild. The flaws, respectively…
Digital nomads and risk associated with the threat of infiltred employees
Companies face the risk of insider threats, worsened by remote work. North Korean hackers infiltrate firms via fake IT hires, stealing data. Stronger vetting is key. In an increasingly connected and digitalized world, companies are facing new security challenges. The…
Google fixed two actively exploited Android flaws
Android March 2025 security update addresses over 40 vulnerabilities, including two flaws actively exploited in attacks in the wild. Android March 2025 security update addressed over 40 vulnerabilities, including two flaws, respectively tracked as CVE-2024-43093 and CVE-2024-50302, which are actively…
Mass exploitation campaign hit 4,000+ ISP networks to deploy info stealers and crypto miners
A massive attack targets ISPs in China and the U.S. West Coast to deploy info stealers and crypto miners on compromised systems. The Splunk Threat Research Team discovered a mass exploitation campaign from Eastern Europe targeting ISPs in China and…