MUST READ. FlyingYeti targets Ukraine using WinRAR exploit to deliver COOKBOX Malware.
Russia-linked APT28 used post-compromise tool GooseEgg to exploit CVE-2022-38028 Windows flaw.
Microsoft fixed two zero-day bugs exploited in malware attacks.
Threat actors actively exploit JetBrains TeamCity flaws to deliver malware.
PoC exploit for critical RCE flaw in Fortra FileCatalyst transfer tool released.
Raspberry Robin spotted using two new 1-day LPE exploits.
Multiple malware used in attacks exploiting Ivanti VPN flaws.
Threat actors exploit Ivanti VPN bugs to deploy KrustyLoader Malware.
Experts released PoC exploit for Fortra GoAnywhere MFT flaw CVE-2024-0204.
Threat actors exploit Apache ActiveMQ flaw to deliver the Godzilla Web Shell.
APT group UAC-0099 targets Ukraine exploiting a WinRAR flaw.
Operation Blacksmith: Lazarus exploits Log4j flaws to deploy DLang malware.
Russia-linked APT29 group exploited WinRAR 0day in attacks against embassies.
DarkCasino joins the list of APT groups exploiting WinRAR zero-day.
Threat actors actively exploit F5 BIG-IP flaws CVE-2023-46747 and CVE-2023-46748.
Experts released PoC exploit code for Cisco IOS XE flaw CVE-2023-20198.
Experts released PoC exploit code for VMware Aria Operations for Logs flaw.
North Korea-linked APT groups actively exploit JetBrains TeamCity flaw.
Multiple APT groups exploited WinRAR flaw CVE-2023-38831.
Researchers released PoC exploit for Ivanti Sentry flaw CVE-2023-38035.
This Cyber News was published on securityaffairs.com. Publication date: Sun, 02 Jun 2024 18:43:08 +0000