News

Update on the emerging CL0P extortion campaign targeting Oracle E-Business Suite

Bys s October 6, 2025

UPDATE: On the emerging CL0P extortion campaign targeting Oracle E-Business Suite (EBS) customers, we can now confirm the actor likely exploited a zero-day vulnerability (CVE-2025-61882) to steal data. Here are the critical updates: ➡️ Confirmed Data Exfiltration: We’ve confirmed the actor successfully exfiltrated large volumes of data from victim environments in August 2025. During negotiations,…

Source

News

Hackers Used Snappybee Malware and Citrix Flaw to Breach European Telecom Network
Bys s October 21, 2025

A European telecommunications organization is said to have been targeted by a threat actor that aligns with a China-nexus cyber espionage group known as Salt Typhoon. The organization, per Darktrace, was targeted in the first week of July 2025, with the attackers exploiting a Citrix NetScaler Gateway appliance to obtain initial access. Salt Typhoon, also…

Read More Hackers Used Snappybee Malware and Citrix Flaw to Breach European Telecom Network
News

Iran’s Charming Kitten Deploys BellaCPP: A New C++ Variant of BellaCiao Malware
By December 25, 2024

The Iranian nation-state hacking group known as Charming Kitten has been observed deploying a C++ variant of a known malware called BellaCiao. Russian cybersecurity company Kaspersky, which dubbed the new version BellaCPP, said it discovered the artifact as part of a “recent” investigation into a compromised machine in Asia that was also infected with the…

Read More Iran’s Charming Kitten Deploys BellaCPP: A New C++ Variant of BellaCiao Malware
News

Hackers Use GitHub Repositories to Host Amadey Malware and Data Stealers, Bypassing Filters
Bys s July 17, 2025

Threat actors are leveraging public GitHub repositories to host malicious payloads and distribute them via Amadey as part of a campaign observed in April 2025. “The MaaS [malware-as-a-service] operators used fake GitHub accounts to host payloads, tools, and Amadey plug-ins, likely as an attempt to bypass web filtering and for ease of use,” Cisco Talos…

Read More Hackers Use GitHub Repositories to Host Amadey Malware and Data Stealers, Bypassing Filters
News

China-Linked MirrorFace Deploys ANEL and AsyncRAT in New Cyber Espionage Operation
Bys s March 18, 2025

Threat hunters have shed more light on a previously disclosed malware campaign undertaken by the China-aligned MirrorFace threat actor that targeted a diplomatic organization in the European Union with a backdoor known as ANEL. The attack, detected by ESET in late August 2024, singled out a Central European diplomatic institute with lures related to Word…

Read More China-Linked MirrorFace Deploys ANEL and AsyncRAT in New Cyber Espionage Operation
News

Network security best practices for the holidays
Bys s December 23, 2024

Tips to better protect your network while you take some well-deserved time off.

Read More Network security best practices for the holidays
News

Uncover LOTS Attacks Hiding in Trusted Tools — Learn How in This Free Expert Session
Bys s June 19, 2025

Most cyberattacks today don’t start with loud alarms or broken firewalls. They start quietly—inside tools and websites your business already trusts. It’s called “Living Off Trusted Sites” (LOTS)—and it’s the new favorite strategy of modern attackers. Instead of breaking in, they blend in. Hackers are using well-known platforms like Google, Microsoft, Dropbox, and Slack as…

Read More Uncover LOTS Attacks Hiding in Trusted Tools — Learn How in This Free Expert Session

Similar Posts