The widescale use of VMware ESXi in enterprises has now attracted a new Cheerscrypt ransomware threat that is targeting poorly secured ESXi servers. According to the ransom notes, the attackers give their victims three days to access the provided Tor site to negotiate the ransom payment for a worki ... Read More

MalwareHunterTeam discovered a new malware sample containing a ransom note instead of a promotional text. The note states that the gang has stolen the victim’s data, along with encrypting it.

Security analysts spotted two new ransomware variants for Nokoyawa and Chaos ransomware, in two separate reports. Chaos' variant named Yashma includes two new improvements: the ability to stop execution on the basis of a victim's location and stop different running processes linked with antivirus a ... Read More

Microsoft found that scammers are using image files with a hidden malicious PHP script to manipulate e-commerce checkout pages and capture payment card details in their latest attack campaigns. The attackers are obfuscating their code snippets, injecting them into image files, and masquerading as w ... Read More

Cyble researchers spotted a malware campaign targeting the infoSec community via a fake PoC exploit code for RPC Runtime RCE flaw. The fake exploit was distributed via GitHub. By attacking the infosec community, attackers are probably trying to gain access to vulnerability research or steal other p ... Read More

A new attack observed by Trustwave starts with a chatbot-like page that attempts to establish communication and trust with the target instead of directly sending an embedded link.

The cybercrime operation states that it does not use any ransomware and focuses on network infiltration by abusing vulnerabilities. The attackers focus primarily on data exfiltration and do not build any encryption modules.

The targeted attack, dubbed Twisted Panda, has been going on since at least June 2021 and spied on at least two Russian defense research institutes and another unknown target in Belarus.

Sonatype warns developers against malicious packages in the PyPI registry that were rooted by cybercriminals to perform supply chain attacks by deploying Cobalt Strike beacons and backdoors on Windows, macOS, and Linux systems. It could provide hackers initial access to the developer's network for ... Read More

First detected in 2017, Wizard Spider has come a long way. A recent investigation by Prodaft revealed that the gang is one of the wealthiest ones and its assets exceed hundreds of millions of dollars.