Mimecast highlighted a noticeable increase in the use of Atlassian to evade detection. The attackers utilized postmark URLs to gather data intelligence, including location and browser details.

Researcher Simone Margaritelli has uncovered a critical vulnerability that has been present in GNU/Linux systems for over a decade, scoring a 9.9 out of 10 for severity. This flaw allows attackers to gain complete control of vulnerable devices.

This malware, known as “PdiddySploit,” poses serious security threats to individuals and organizations. The attackers are luring the public with promises of revealing deleted X posts related to Combs on social media platforms.

Fake ads are spreading Lumma Stealer malware, targeting fans of the League of Legends World Championship. Cybercriminals are capitalizing on the event hype to trick unsuspecting gamers into downloading a malicious game version.

The group’s persistence is ensured by creating scheduled tasks and employing encryption methods like SHA256 hashing and the Salsa20 algorithm to transmit sensitive data to a command and control server named iceandfire[.]xyz.

Security researcher Zach Hanley from Horizon3. ai discovered hardcoded credentials in the software, allowing unauthenticated access to sensitive IT support data, like password resets and shared service account credentials.

Rhadamanthys, an advanced information stealer, has introduced innovative AI capabilities in version 0.7.0, allowing it to extract cryptocurrency seed phrases from images using optical character recognition (OCR).

The flaw allows attackers to execute code remotely by injecting a malicious PHP object due to improper handling of input during deserialization. This flaw is similar to CVE-2024-5932 but bypasses certain checks, making it even more dangerous.

With enhancements like reduced data transmissions, dynamic code loading, and push notification blocking, Octo2 poses a significant threat to Android users and underscores the continued development of malicious mobile malware.