Qilin affiliates spear-phish MSP ScreenConnect admin, targeting customers downstream
Attack matches three-year long pattern of ScreenConnect attacks tracked by Sophos MDR as STAC4365.
Similar Posts
Amazon Uncovers Attacks Exploited Cisco ISE and Citrix NetScaler as Zero-Day Flaws
Bys sAmazon’s threat intelligence team on Wednesday disclosed that it observed an advanced threat actor exploiting two then-zero-day security flaws in Cisco Identity Service Engine (ISE) and Citrix NetScaler ADC products as part of attacks designed to deliver custom malware. “This discovery highlights the trend of threat actors focusing on critical identity and network access control…
Secret Blizzard Deploys Malware in ISP-Level AitM Attacks on Moscow Embassies
Bys sThe Russian nation-state threat actor known as Secret Blizzard has been observed orchestrating a new cyber espionage campaign targeting foreign embassies located in Moscow by means of an adversary-in-the-middle (AitM) attack at the Internet Service Provider (ISP) level and delivering a custom malware dubbed ApolloShadow. “ApolloShadow has the capability to install a trusted root certificate…
North Korean Hackers Use New AkdoorTea Backdoor to Target Global Crypto Developers
Bys sThe North Korea-linked threat actors associated with the Contagious Interview campaign have been attributed to a previously undocumented backdoor called AkdoorTea, along with tools like TsunamiKit and Tropidoor. Slovak cybersecurity firm ESET, which is tracking the activity under the name DeceptiveDevelopment, said the campaign targets software developers across all operating systems, Windows,
SEC Files Charges Over $14 Million Crypto Scam Using Fake AI-Themed Investment Tips
Bys sThe U.S. Securities and Exchange Commission (SEC) has filed charges against multiple companies for their alleged involvement in an elaborate cryptocurrency scam that swindled more than $14 million from retail investors. The complaint charged crypto asset trading platforms Morocoin Tech Corp., Berge Blockchain Technology Co., Ltd., and Cirkor Inc., as well as investment clubs AI…
Apple Backports Fix for CVE-2025-43300 Exploited in Sophisticated Spyware Attack
Bys sApple on Monday backported fixes for a recently patched security flaw that has been actively exploited in the wild. The vulnerability in question is CVE-2025-43300 (CVSS score: 8.8), an out-of-bounds write issue in the ImageIO component that could result in memory corruption when processing a malicious image file. “Apple is aware of a report that…
Product Walkthrough: A Look Inside Wing Security’s Layered SaaS Identity Defense
Bys sIntro: Why hack in when you can log in? SaaS applications are the backbone of modern organizations, powering productivity and operational efficiency. But every new app introduces critical security risks through app integrations and multiple users, creating easy access points for threat actors. As a result, SaaS breaches have increased, and according to a May…