Hacking Groups & Hackers

Black Basta - In the ever-evolving landscape of cybersecurity, Black Basta has emerged as a formidable ransomware group since its inception in early 2022. Known for its sophisticated tactics and relentless attacks, Black Basta primarily targets businesses and ...
3 weeks ago CVE-2023-34362 CVE-2025-0289 CVE-2025-0286 CVE-2025-0288 CVE-2025-22225 CVE-2025-22226 CVE-2025-22224 CVE-2024-56325 CVE-2025-24085 CVE-2025-24472 CVE-2025-2229 CVE-2024-41055 CVE-2024-50629 CVE-2024-10441 CVE-2025-23120

admin@338 - admin@338 is a China-based cyber threat group. It has previously used newsworthy events as lures to deliver malware and has primarily targeted organizations involved in financial, economic, and trade policy, typically using publicly available RATs ...
1 year ago Attack.mitre.org CVE-2023-34362 CVE-2025-0289 CVE-2025-0286 CVE-2025-0288 CVE-2025-22225 CVE-2025-22226 CVE-2025-22224 CVE-2024-56325 CVE-2025-24085 CVE-2025-24472 CVE-2025-2229 CVE-2024-41055 CVE-2024-50629 CVE-2024-10441 CVE-2025-23120

Ajax Security Team - Ajax Security Team is a group that has been active since at least 2010 and believed to be operating out of Iran. By 2014 Ajax Security Team transitioned from website defacement operations to malware-based cyber espionage campaigns targeting the US ...
1 year ago Attack.mitre.org CVE-2023-34362 CVE-2025-0289 CVE-2025-0286 CVE-2025-0288 CVE-2025-22225 CVE-2025-22226 CVE-2025-22224 CVE-2024-56325 CVE-2025-24085 CVE-2025-24472 CVE-2025-2229 CVE-2024-41055 CVE-2024-50629 CVE-2024-10441 CVE-2025-23120

ALLANITE - ALLANITE is a suspected Russian cyber espionage group, that has primarily targeted the electric utility sector within the United States and United Kingdom. The group's tactics and techniques are reportedly similar to Dragonfly, although ALLANITEs ...
1 year ago Attack.mitre.org CVE-2023-34362 CVE-2025-0289 CVE-2025-0286 CVE-2025-0288 CVE-2025-22225 CVE-2025-22226 CVE-2025-22224 CVE-2024-56325 CVE-2025-24085 CVE-2025-24472 CVE-2025-2229 CVE-2024-41055 CVE-2024-50629 CVE-2024-10441 CVE-2025-23120

Andariel - Andariel is a North Korean state-sponsored threat group that has been active since at least 2009. Andariel has primarily focused its operations--which have included destructive attacks--against South Korean government agencies, military ...
1 year ago Attack.mitre.org CVE-2023-34362 CVE-2025-0289 CVE-2025-0286 CVE-2025-0288 CVE-2025-22225 CVE-2025-22226 CVE-2025-22224 CVE-2024-56325 CVE-2025-24085 CVE-2025-24472 CVE-2025-2229 CVE-2024-41055 CVE-2024-50629 CVE-2024-10441 CVE-2025-23120

Aoqin Dragon - Aoqin Dragon is a suspected Chinese cyber espionage threat group that has been active since at least 2013. Aoqin Dragon has primarily targeted government, education, and telecommunication organizations in Australia, Cambodia, Hong Kong, Singapore, ...
1 year ago Attack.mitre.org CVE-2023-34362 CVE-2025-0289 CVE-2025-0286 CVE-2025-0288 CVE-2025-22225 CVE-2025-22226 CVE-2025-22224 CVE-2024-56325 CVE-2025-24085 CVE-2025-24472 CVE-2025-2229 CVE-2024-41055 CVE-2024-50629 CVE-2024-10441 CVE-2025-23120

APT-C-36 - APT-C-36 is a suspected South America espionage group that has been active since at least 2018. The group mainly targets Colombian government institutions as well as important corporations in the financial sector, petroleum industry, and professional ...
1 year ago Attack.mitre.org CVE-2023-34362 CVE-2025-0289 CVE-2025-0286 CVE-2025-0288 CVE-2025-22225 CVE-2025-22226 CVE-2025-22224 CVE-2024-56325 CVE-2025-24085 CVE-2025-24472 CVE-2025-2229 CVE-2024-41055 CVE-2024-50629 CVE-2024-10441 CVE-2025-23120

APT1 - APT1 is a Chinese threat group that has been attributed to the 2nd Bureau of the People’s Liberation Army (PLA) General Staff Department’s (GSD) 3rd Department, commonly known by its Military Unit Cover Designator (MUCD) as Unit 61398. ...
1 year ago Attack.mitre.org CVE-2023-34362 CVE-2025-0289 CVE-2025-0286 CVE-2025-0288 CVE-2025-22225 CVE-2025-22226 CVE-2025-22224 CVE-2024-56325 CVE-2025-24085 CVE-2025-24472 CVE-2025-2229 CVE-2024-41055 CVE-2024-50629 CVE-2024-10441 CVE-2025-23120

APT12 - APT12 is a threat group that has been attributed to China. The group has targeted a variety of victims including but not limited to media outlets, high-tech companies, and multiple governments. ...
1 year ago Attack.mitre.org CVE-2023-34362 CVE-2025-0289 CVE-2025-0286 CVE-2025-0288 CVE-2025-22225 CVE-2025-22226 CVE-2025-22224 CVE-2024-56325 CVE-2025-24085 CVE-2025-24472 CVE-2025-2229 CVE-2024-41055 CVE-2024-50629 CVE-2024-10441 CVE-2025-23120

APT16 - APT16 is a China-based threat group that has launched spearphishing campaigns targeting Japanese and Taiwanese organizations. ...
1 year ago Attack.mitre.org CVE-2023-34362 CVE-2025-0289 CVE-2025-0286 CVE-2025-0288 CVE-2025-22225 CVE-2025-22226 CVE-2025-22224 CVE-2024-56325 CVE-2025-24085 CVE-2025-24472 CVE-2025-2229 CVE-2024-41055 CVE-2024-50629 CVE-2024-10441 CVE-2025-23120

APT17 - APT17 is a China-based threat group that has conducted network intrusions against U.S. government entities, the defense industry, law firms, information technology companies, mining companies, and non-government organizations. ...
1 year ago Attack.mitre.org CVE-2023-34362 CVE-2025-0289 CVE-2025-0286 CVE-2025-0288 CVE-2025-22225 CVE-2025-22226 CVE-2025-22224 CVE-2024-56325 CVE-2025-24085 CVE-2025-24472 CVE-2025-2229 CVE-2024-41055 CVE-2024-50629 CVE-2024-10441 CVE-2025-23120

APT18 - APT18 is a threat group that has operated since at least 2009 and has targeted a range of industries, including technology, manufacturing, human rights groups, government, and medical. ...
1 year ago Attack.mitre.org CVE-2023-34362 CVE-2025-0289 CVE-2025-0286 CVE-2025-0288 CVE-2025-22225 CVE-2025-22226 CVE-2025-22224 CVE-2024-56325 CVE-2025-24085 CVE-2025-24472 CVE-2025-2229 CVE-2024-41055 CVE-2024-50629 CVE-2024-10441 CVE-2025-23120

APT19 - APT19 is a Chinese-based threat group that has targeted a variety of industries, including defense, finance, energy, pharmaceutical, telecommunications, high tech, education, manufacturing, and legal services. In 2017, a phishing campaign was used to ...
1 year ago Attack.mitre.org CVE-2023-34362 CVE-2025-0289 CVE-2025-0286 CVE-2025-0288 CVE-2025-22225 CVE-2025-22226 CVE-2025-22224 CVE-2024-56325 CVE-2025-24085 CVE-2025-24472 CVE-2025-2229 CVE-2024-41055 CVE-2024-50629 CVE-2024-10441 CVE-2025-23120

APT28 - APT28 is a threat group that has been attributed to Russia's General Staff Main Intelligence Directorate (GRU) 85th Main Special Service Center (GTsSS) military unit 26165. This group has been active since at least 2004.APT28 reportedly compromised ...
1 year ago Attack.mitre.org CVE-2023-34362 CVE-2025-0289 CVE-2025-0286 CVE-2025-0288 CVE-2025-22225 CVE-2025-22226 CVE-2025-22224 CVE-2024-56325 CVE-2025-24085 CVE-2025-24472 CVE-2025-2229 CVE-2024-41055 CVE-2024-50629 CVE-2024-10441 CVE-2025-23120

APT29 - APT29 is threat group that has been attributed to Russia's Foreign Intelligence Service (SVR). They have operated since at least 2008, often targeting government networks in Europe and NATO member countries, research institutes, and think tanks. ...
1 year ago Attack.mitre.org CVE-2023-34362 CVE-2025-0289 CVE-2025-0286 CVE-2025-0288 CVE-2025-22225 CVE-2025-22226 CVE-2025-22224 CVE-2024-56325 CVE-2025-24085 CVE-2025-24472 CVE-2025-2229 CVE-2024-41055 CVE-2024-50629 CVE-2024-10441 CVE-2025-23120

APT3 - APT3 is a China-based threat group that researchers have attributed to China's Ministry of State Security. This group is responsible for the campaigns known as Operation Clandestine Fox, Operation Clandestine Wolf, and Operation Double Tap. As of ...
1 year ago Attack.mitre.org CVE-2023-34362 CVE-2025-0289 CVE-2025-0286 CVE-2025-0288 CVE-2025-22225 CVE-2025-22226 CVE-2025-22224 CVE-2024-56325 CVE-2025-24085 CVE-2025-24472 CVE-2025-2229 CVE-2024-41055 CVE-2024-50629 CVE-2024-10441 CVE-2025-23120

APT30 - APT30 is a threat group suspected to be associated with the Chinese government. While Naikon shares some characteristics with APT30, the two groups do not appear to be exact matches. ...
1 year ago Attack.mitre.org CVE-2023-34362 CVE-2025-0289 CVE-2025-0286 CVE-2025-0288 CVE-2025-22225 CVE-2025-22226 CVE-2025-22224 CVE-2024-56325 CVE-2025-24085 CVE-2025-24472 CVE-2025-2229 CVE-2024-41055 CVE-2024-50629 CVE-2024-10441 CVE-2025-23120

APT32 - APT32 is a suspected Vietnam-based threat group that has been active since at least 2014. The group has targeted multiple private sector industries as well as foreign governments, dissidents, and journalists with a strong focus on Southeast Asian ...
1 year ago Attack.mitre.org CVE-2023-34362 CVE-2025-0289 CVE-2025-0286 CVE-2025-0288 CVE-2025-22225 CVE-2025-22226 CVE-2025-22224 CVE-2024-56325 CVE-2025-24085 CVE-2025-24472 CVE-2025-2229 CVE-2024-41055 CVE-2024-50629 CVE-2024-10441 CVE-2025-23120

APT33 - APT33 is a suspected Iranian threat group that has carried out operations since at least 2013. The group has targeted organizations across multiple industries in the United States, Saudi Arabia, and South Korea, with a particular interest in the ...
1 year ago Attack.mitre.org CVE-2023-34362 CVE-2025-0289 CVE-2025-0286 CVE-2025-0288 CVE-2025-22225 CVE-2025-22226 CVE-2025-22224 CVE-2024-56325 CVE-2025-24085 CVE-2025-24472 CVE-2025-2229 CVE-2024-41055 CVE-2024-50629 CVE-2024-10441 CVE-2025-23120

APT37 - APT37 is a North Korean state-sponsored cyber espionage group that has been active since at least 2012. The group has targeted victims primarily in South Korea, but also in Japan, Vietnam, Russia, Nepal, China, India, Romania, Kuwait, and other parts ...
1 year ago Attack.mitre.org CVE-2023-34362 CVE-2025-0289 CVE-2025-0286 CVE-2025-0288 CVE-2025-22225 CVE-2025-22226 CVE-2025-22224 CVE-2024-56325 CVE-2025-24085 CVE-2025-24472 CVE-2025-2229 CVE-2024-41055 CVE-2024-50629 CVE-2024-10441 CVE-2025-23120

APT38 - APT38 is a North Korean state-sponsored threat group that specializes in financial cyber operations; it has been attributed to the Reconnaissance General Bureau. Active since at least 2014, APT38 has targeted banks, financial institutions, casinos, ...
1 year ago Attack.mitre.org CVE-2023-34362 CVE-2025-0289 CVE-2025-0286 CVE-2025-0288 CVE-2025-22225 CVE-2025-22226 CVE-2025-22224 CVE-2024-56325 CVE-2025-24085 CVE-2025-24472 CVE-2025-2229 CVE-2024-41055 CVE-2024-50629 CVE-2024-10441 CVE-2025-23120

APT39 - APT39 is one of several names for cyber espionage activity conducted by the Iranian Ministry of Intelligence and Security (MOIS) through the front company Rana Intelligence Computing since at least 2014. APT39 has primarily targeted the travel, ...
1 year ago Attack.mitre.org CVE-2023-34362 CVE-2025-0289 CVE-2025-0286 CVE-2025-0288 CVE-2025-22225 CVE-2025-22226 CVE-2025-22224 CVE-2024-56325 CVE-2025-24085 CVE-2025-24472 CVE-2025-2229 CVE-2024-41055 CVE-2024-50629 CVE-2024-10441 CVE-2025-23120

APT41 - APT41 is a threat group that researchers have assessed as Chinese state-sponsored espionage group that also conducts financially-motivated operations. Active since at least 2012, APT41 has been observed targeting healthcare, telecom, technology, and ...
1 year ago Attack.mitre.org CVE-2023-34362 CVE-2025-0289 CVE-2025-0286 CVE-2025-0288 CVE-2025-22225 CVE-2025-22226 CVE-2025-22224 CVE-2024-56325 CVE-2025-24085 CVE-2025-24472 CVE-2025-2229 CVE-2024-41055 CVE-2024-50629 CVE-2024-10441 CVE-2025-23120

Aquatic Panda - Aquatic Panda is a suspected China-based threat group with a dual mission of intelligence collection and industrial espionage. Active since at least May 2020, Aquatic Panda has primarily targeted entities in the telecommunications, technology, and ...
1 year ago Attack.mitre.org CVE-2023-34362 CVE-2025-0289 CVE-2025-0286 CVE-2025-0288 CVE-2025-22225 CVE-2025-22226 CVE-2025-22224 CVE-2024-56325 CVE-2025-24085 CVE-2025-24472 CVE-2025-2229 CVE-2024-41055 CVE-2024-50629 CVE-2024-10441 CVE-2025-23120

Axiom - Axiom is a suspected Chinese cyber espionage group that has targeted the aerospace, defense, government, manufacturing, and media sectors since at least 2008. Some reporting suggests a degree of overlap between Axiom and Winnti Group but the two ...
1 year ago Attack.mitre.org CVE-2023-34362 CVE-2025-0289 CVE-2025-0286 CVE-2025-0288 CVE-2025-22225 CVE-2025-22226 CVE-2025-22224 CVE-2024-56325 CVE-2025-24085 CVE-2025-24472 CVE-2025-2229 CVE-2024-41055 CVE-2024-50629 CVE-2024-10441 CVE-2025-23120

BackdoorDiplomacy - BackdoorDiplomacy is a cyber espionage threat group that has been active since at least 2017. BackdoorDiplomacy has targeted Ministries of Foreign Affairs and telecommunication companies in Africa, Europe, the Middle East, and Asia. ...
1 year ago Attack.mitre.org CVE-2023-34362 CVE-2025-0289 CVE-2025-0286 CVE-2025-0288 CVE-2025-22225 CVE-2025-22226 CVE-2025-22224 CVE-2024-56325 CVE-2025-24085 CVE-2025-24472 CVE-2025-2229 CVE-2024-41055 CVE-2024-50629 CVE-2024-10441 CVE-2025-23120

BITTER - BITTER is a suspected South Asian cyber espionage threat group that has been active since at least 2013. BITTER has primarily targeted government, energy, and engineering organizations in Pakistan, China, Bangladesh, and Saudi Arabia. ...
1 year ago Attack.mitre.org CVE-2023-34362 CVE-2025-0289 CVE-2025-0286 CVE-2025-0288 CVE-2025-22225 CVE-2025-22226 CVE-2025-22224 CVE-2024-56325 CVE-2025-24085 CVE-2025-24472 CVE-2025-2229 CVE-2024-41055 CVE-2024-50629 CVE-2024-10441 CVE-2025-23120

BlackOasis - BlackOasis is a Middle Eastern threat group that is believed to be a customer of Gamma Group. The group has shown interest in prominent figures in the United Nations, as well as opposition bloggers, activists, regional news correspondents, and think ...
1 year ago Attack.mitre.org CVE-2023-34362 CVE-2025-0289 CVE-2025-0286 CVE-2025-0288 CVE-2025-22225 CVE-2025-22226 CVE-2025-22224 CVE-2024-56325 CVE-2025-24085 CVE-2025-24472 CVE-2025-2229 CVE-2024-41055 CVE-2024-50629 CVE-2024-10441 CVE-2025-23120

BlackTech - BlackTech is a suspected Chinese cyber espionage group that has primarily targeted organizations in East Asia--particularly Taiwan, Japan, and Hong Kong--and the US since at least 2013. BlackTech has used a combination of custom malware, dual-use ...
1 year ago Attack.mitre.org CVE-2023-34362 CVE-2025-0289 CVE-2025-0286 CVE-2025-0288 CVE-2025-22225 CVE-2025-22226 CVE-2025-22224 CVE-2024-56325 CVE-2025-24085 CVE-2025-24472 CVE-2025-2229 CVE-2024-41055 CVE-2024-50629 CVE-2024-10441 CVE-2025-23120

Blue Mockingbird - Blue Mockingbird is a cluster of observed activity involving Monero cryptocurrency-mining payloads in dynamic-link library (DLL) form on Windows systems. The earliest observed Blue Mockingbird tools were created in December 2019. ...
1 year ago Attack.mitre.org CVE-2023-34362 CVE-2025-0289 CVE-2025-0286 CVE-2025-0288 CVE-2025-22225 CVE-2025-22226 CVE-2025-22224 CVE-2024-56325 CVE-2025-24085 CVE-2025-24472 CVE-2025-2229 CVE-2024-41055 CVE-2024-50629 CVE-2024-10441 CVE-2025-23120

Bouncing Golf - Bouncing Golf is a cyberespionage campaign targeting Middle Eastern countries. ...
1 year ago Attack.mitre.org CVE-2023-34362 CVE-2025-0289 CVE-2025-0286 CVE-2025-0288 CVE-2025-22225 CVE-2025-22226 CVE-2025-22224 CVE-2024-56325 CVE-2025-24085 CVE-2025-24472 CVE-2025-2229 CVE-2024-41055 CVE-2024-50629 CVE-2024-10441 CVE-2025-23120

BRONZE BUTLER - BRONZE BUTLER is a cyber espionage group with likely Chinese origins that has been active since at least 2008. The group primarily targets Japanese organizations, particularly those in government, biotechnology, electronics manufacturing, and ...
1 year ago Attack.mitre.org CVE-2023-34362 CVE-2025-0289 CVE-2025-0286 CVE-2025-0288 CVE-2025-22225 CVE-2025-22226 CVE-2025-22224 CVE-2024-56325 CVE-2025-24085 CVE-2025-24472 CVE-2025-2229 CVE-2024-41055 CVE-2024-50629 CVE-2024-10441 CVE-2025-23120

Carbanak - Carbanak is a cybercriminal group that has used Carbanak malware to target financial institutions since at least 2013. Carbanak may be linked to groups tracked separately as Cobalt Group and FIN7 that have also used Carbanak malware. ...
1 year ago Attack.mitre.org CVE-2023-34362 CVE-2025-0289 CVE-2025-0286 CVE-2025-0288 CVE-2025-22225 CVE-2025-22226 CVE-2025-22224 CVE-2024-56325 CVE-2025-24085 CVE-2025-24472 CVE-2025-2229 CVE-2024-41055 CVE-2024-50629 CVE-2024-10441 CVE-2025-23120

Chimera - Chimera is a suspected China-based threat group that has been active since at least 2018 targeting the semiconductor industry in Taiwan as well as data from the airline industry. ...
1 year ago Attack.mitre.org CVE-2023-34362 CVE-2025-0289 CVE-2025-0286 CVE-2025-0288 CVE-2025-22225 CVE-2025-22226 CVE-2025-22224 CVE-2024-56325 CVE-2025-24085 CVE-2025-24472 CVE-2025-2229 CVE-2024-41055 CVE-2024-50629 CVE-2024-10441 CVE-2025-23120

Cleaver - Cleaver is a threat group that has been attributed to Iranian actors and is responsible for activity tracked as Operation Cleaver. Strong circumstantial evidence suggests Cleaver is linked to Threat Group 2889 (TG-2889). ...
1 year ago Attack.mitre.org CVE-2023-34362 CVE-2025-0289 CVE-2025-0286 CVE-2025-0288 CVE-2025-22225 CVE-2025-22226 CVE-2025-22224 CVE-2024-56325 CVE-2025-24085 CVE-2025-24472 CVE-2025-2229 CVE-2024-41055 CVE-2024-50629 CVE-2024-10441 CVE-2025-23120

Cobalt Group - Cobalt Group is a financially motivated threat group that has primarily targeted financial institutions since at least 2016. The group has conducted intrusions to steal money via targeting ATM systems, card processing, payment systems and SWIFT ...
1 year ago Attack.mitre.org CVE-2023-34362 CVE-2025-0289 CVE-2025-0286 CVE-2025-0288 CVE-2025-22225 CVE-2025-22226 CVE-2025-22224 CVE-2024-56325 CVE-2025-24085 CVE-2025-24472 CVE-2025-2229 CVE-2024-41055 CVE-2024-50629 CVE-2024-10441 CVE-2025-23120

Confucius - Confucius is a cyber espionage group that has primarily targeted military personnel, high-profile personalities, business persons, and government organizations in South Asia since at least 2013. Security researchers have noted similarities between ...
1 year ago Attack.mitre.org CVE-2023-34362 CVE-2025-0289 CVE-2025-0286 CVE-2025-0288 CVE-2025-22225 CVE-2025-22226 CVE-2025-22224 CVE-2024-56325 CVE-2025-24085 CVE-2025-24472 CVE-2025-2229 CVE-2024-41055 CVE-2024-50629 CVE-2024-10441 CVE-2025-23120

CopyKittens - CopyKittens is an Iranian cyber espionage group that has been operating since at least 2013. It has targeted countries including Israel, Saudi Arabia, Turkey, the U.S., Jordan, and Germany. The group is responsible for the campaign known as Operation ...
1 year ago Attack.mitre.org CVE-2023-34362 CVE-2025-0289 CVE-2025-0286 CVE-2025-0288 CVE-2025-22225 CVE-2025-22226 CVE-2025-22224 CVE-2024-56325 CVE-2025-24085 CVE-2025-24472 CVE-2025-2229 CVE-2024-41055 CVE-2024-50629 CVE-2024-10441 CVE-2025-23120

CURIUM - CURIUM is an Iranian threat group first reported in November 2021 that has invested in building a relationship with potential targets via social media over a period of months to establish trust and confidence before sending malware. Security ...
1 year ago Attack.mitre.org CVE-2023-34362 CVE-2025-0289 CVE-2025-0286 CVE-2025-0288 CVE-2025-22225 CVE-2025-22226 CVE-2025-22224 CVE-2024-56325 CVE-2025-24085 CVE-2025-24472 CVE-2025-2229 CVE-2024-41055 CVE-2024-50629 CVE-2024-10441 CVE-2025-23120

Dark Caracal - Dark Caracal is threat group that has been attributed to the Lebanese General Directorate of General Security (GDGS) and has operated since at least 2012. ...
1 year ago Attack.mitre.org CVE-2023-34362 CVE-2025-0289 CVE-2025-0286 CVE-2025-0288 CVE-2025-22225 CVE-2025-22226 CVE-2025-22224 CVE-2024-56325 CVE-2025-24085 CVE-2025-24472 CVE-2025-2229 CVE-2024-41055 CVE-2024-50629 CVE-2024-10441 CVE-2025-23120

Darkhotel - Darkhotel is a suspected South Korean threat group that has targeted victims primarily in East Asia since at least 2004. The group's name is based on cyber espionage operations conducted via hotel Internet networks against traveling executives and ...
1 year ago Attack.mitre.org CVE-2023-34362 CVE-2025-0289 CVE-2025-0286 CVE-2025-0288 CVE-2025-22225 CVE-2025-22226 CVE-2025-22224 CVE-2024-56325 CVE-2025-24085 CVE-2025-24472 CVE-2025-2229 CVE-2024-41055 CVE-2024-50629 CVE-2024-10441 CVE-2025-23120

DarkHydrus - DarkHydrus is a threat group that has targeted government agencies and educational institutions in the Middle East since at least 2016. The group heavily leverages open-source tools and custom payloads for carrying out attacks. ...
1 year ago Attack.mitre.org CVE-2023-34362 CVE-2025-0289 CVE-2025-0286 CVE-2025-0288 CVE-2025-22225 CVE-2025-22226 CVE-2025-22224 CVE-2024-56325 CVE-2025-24085 CVE-2025-24472 CVE-2025-2229 CVE-2024-41055 CVE-2024-50629 CVE-2024-10441 CVE-2025-23120

DarkVishnya - DarkVishnya is a financially motivated threat actor targeting financial institutions in Eastern Europe. In 2017-2018 the group attacked at least 8 banks in this region. ...
1 year ago Attack.mitre.org CVE-2023-34362 CVE-2025-0289 CVE-2025-0286 CVE-2025-0288 CVE-2025-22225 CVE-2025-22226 CVE-2025-22224 CVE-2024-56325 CVE-2025-24085 CVE-2025-24472 CVE-2025-2229 CVE-2024-41055 CVE-2024-50629 CVE-2024-10441 CVE-2025-23120

Deep Panda - Deep Panda is a suspected Chinese threat group known to target many industries, including government, defense, financial, and telecommunications. The intrusion into healthcare company Anthem has been attributed to Deep Panda. This group is also ...
1 year ago Attack.mitre.org CVE-2023-34362 CVE-2025-0289 CVE-2025-0286 CVE-2025-0288 CVE-2025-22225 CVE-2025-22226 CVE-2025-22224 CVE-2024-56325 CVE-2025-24085 CVE-2025-24472 CVE-2025-2229 CVE-2024-41055 CVE-2024-50629 CVE-2024-10441 CVE-2025-23120

Dragonfly - Dragonfly is a cyber espionage group that has been attributed to Russia's Federal Security Service (FSB) Center 16. Active since at least 2010, Dragonfly has targeted defense and aviation companies, government entities, companies related to ...
1 year ago Attack.mitre.org CVE-2023-34362 CVE-2025-0289 CVE-2025-0286 CVE-2025-0288 CVE-2025-22225 CVE-2025-22226 CVE-2025-22224 CVE-2024-56325 CVE-2025-24085 CVE-2025-24472 CVE-2025-2229 CVE-2024-41055 CVE-2024-50629 CVE-2024-10441 CVE-2025-23120

DragonOK - DragonOK is a threat group that has targeted Japanese organizations with phishing emails. Due to overlapping TTPs, including similar custom tools, DragonOK is thought to have a direct or indirect relationship with the threat group Moafee. It is ...
1 year ago Attack.mitre.org CVE-2023-34362 CVE-2025-0289 CVE-2025-0286 CVE-2025-0288 CVE-2025-22225 CVE-2025-22226 CVE-2025-22224 CVE-2024-56325 CVE-2025-24085 CVE-2025-24472 CVE-2025-2229 CVE-2024-41055 CVE-2024-50629 CVE-2024-10441 CVE-2025-23120

Earth Lusca - Earth Lusca is a suspected China-based cyber espionage group that has been active since at least April 2019. Earth Lusca has targeted organizations in Australia, China, Hong Kong, Mongolia, Nepal, the Philippines, Taiwan, Thailand, Vietnam, the ...
1 year ago Attack.mitre.org CVE-2023-34362 CVE-2025-0289 CVE-2025-0286 CVE-2025-0288 CVE-2025-22225 CVE-2025-22226 CVE-2025-22224 CVE-2024-56325 CVE-2025-24085 CVE-2025-24472 CVE-2025-2229 CVE-2024-41055 CVE-2024-50629 CVE-2024-10441 CVE-2025-23120

Elderwood - Elderwood is a suspected Chinese cyber espionage group that was reportedly responsible for the 2009 Google intrusion known as Operation Aurora. The group has targeted defense organizations, supply chain manufacturers, human rights and ...
1 year ago Attack.mitre.org CVE-2023-34362 CVE-2025-0289 CVE-2025-0286 CVE-2025-0288 CVE-2025-22225 CVE-2025-22226 CVE-2025-22224 CVE-2024-56325 CVE-2025-24085 CVE-2025-24472 CVE-2025-2229 CVE-2024-41055 CVE-2024-50629 CVE-2024-10441 CVE-2025-23120

Ember Bear - Ember Bear is a suspected Russian state-sponsored cyber espionage group that has been active since at least March 2021. Ember Bear has primarily focused their operations against Ukraine and Georgia, but has also targeted Western European and North ...
1 year ago Attack.mitre.org CVE-2023-34362 CVE-2025-0289 CVE-2025-0286 CVE-2025-0288 CVE-2025-22225 CVE-2025-22226 CVE-2025-22224 CVE-2024-56325 CVE-2025-24085 CVE-2025-24472 CVE-2025-2229 CVE-2024-41055 CVE-2024-50629 CVE-2024-10441 CVE-2025-23120

Equation - Equation is a sophisticated threat group that employs multiple remote access tools. The group is known to use zero-day exploits and has developed the capability to overwrite the firmware of hard disk drives. ...
1 year ago Attack.mitre.org CVE-2023-34362 CVE-2025-0289 CVE-2025-0286 CVE-2025-0288 CVE-2025-22225 CVE-2025-22226 CVE-2025-22224 CVE-2024-56325 CVE-2025-24085 CVE-2025-24472 CVE-2025-2229 CVE-2024-41055 CVE-2024-50629 CVE-2024-10441 CVE-2025-23120

Evilnum - Evilnum is a financially motivated threat group that has been active since at least 2018. ...
1 year ago Attack.mitre.org CVE-2023-34362 CVE-2025-0289 CVE-2025-0286 CVE-2025-0288 CVE-2025-22225 CVE-2025-22226 CVE-2025-22224 CVE-2024-56325 CVE-2025-24085 CVE-2025-24472 CVE-2025-2229 CVE-2024-41055 CVE-2024-50629 CVE-2024-10441 CVE-2025-23120

EXOTIC LILY - EXOTIC LILY is a financially motivated group that has been closely linked with Wizard Spider and the deployment of ransomware including Conti and Diavol. EXOTIC LILY may be acting as an initial access broker for other malicious actors, and has ...
1 year ago Attack.mitre.org CVE-2023-34362 CVE-2025-0289 CVE-2025-0286 CVE-2025-0288 CVE-2025-22225 CVE-2025-22226 CVE-2025-22224 CVE-2024-56325 CVE-2025-24085 CVE-2025-24472 CVE-2025-2229 CVE-2024-41055 CVE-2024-50629 CVE-2024-10441 CVE-2025-23120

Ferocious Kitten - Ferocious Kitten is a threat group that has primarily targeted Persian-speaking individuals in Iran since at least 2015. ...
1 year ago Attack.mitre.org CVE-2023-34362 CVE-2025-0289 CVE-2025-0286 CVE-2025-0288 CVE-2025-22225 CVE-2025-22226 CVE-2025-22224 CVE-2024-56325 CVE-2025-24085 CVE-2025-24472 CVE-2025-2229 CVE-2024-41055 CVE-2024-50629 CVE-2024-10441 CVE-2025-23120

FIN10 - FIN10 is a financially motivated threat group that has targeted organizations in North America since at least 2013 through 2016. The group uses stolen data exfiltrated from victims to extort organizations. ...
1 year ago Attack.mitre.org CVE-2023-34362 CVE-2025-0289 CVE-2025-0286 CVE-2025-0288 CVE-2025-22225 CVE-2025-22226 CVE-2025-22224 CVE-2024-56325 CVE-2025-24085 CVE-2025-24472 CVE-2025-2229 CVE-2024-41055 CVE-2024-50629 CVE-2024-10441 CVE-2025-23120

FIN13 - FIN13 is a financially motivated cyber threat group that has targeted the financial, retail, and hospitality industries in Mexico and Latin America, as early as 2016. FIN13 achieves its objectives by stealing intellectual property, financial data, ...
1 year ago Attack.mitre.org CVE-2023-34362 CVE-2025-0289 CVE-2025-0286 CVE-2025-0288 CVE-2025-22225 CVE-2025-22226 CVE-2025-22224 CVE-2024-56325 CVE-2025-24085 CVE-2025-24472 CVE-2025-2229 CVE-2024-41055 CVE-2024-50629 CVE-2024-10441 CVE-2025-23120

FIN4 - FIN4 is a financially-motivated threat group that has targeted confidential information related to the public financial market, particularly regarding healthcare and pharmaceutical companies, since at least 2013. FIN4 is unique in that they do not ...
1 year ago Attack.mitre.org CVE-2023-34362 CVE-2025-0289 CVE-2025-0286 CVE-2025-0288 CVE-2025-22225 CVE-2025-22226 CVE-2025-22224 CVE-2024-56325 CVE-2025-24085 CVE-2025-24472 CVE-2025-2229 CVE-2024-41055 CVE-2024-50629 CVE-2024-10441 CVE-2025-23120

FIN5 - FIN5 is a financially motivated threat group that has targeted personally identifiable information and payment card information. The group has been active since at least 2008 and has targeted the restaurant, gaming, and hotel industries. The group is ...
1 year ago Attack.mitre.org CVE-2023-34362 CVE-2025-0289 CVE-2025-0286 CVE-2025-0288 CVE-2025-22225 CVE-2025-22226 CVE-2025-22224 CVE-2024-56325 CVE-2025-24085 CVE-2025-24472 CVE-2025-2229 CVE-2024-41055 CVE-2024-50629 CVE-2024-10441 CVE-2025-23120

FIN6 - FIN6 is a cyber crime group that has stolen payment card data and sold it for profit on underground marketplaces. This group has aggressively targeted and compromised point of sale (PoS) systems in the hospitality and retail sectors. ...
1 year ago Attack.mitre.org CVE-2023-34362 CVE-2025-0289 CVE-2025-0286 CVE-2025-0288 CVE-2025-22225 CVE-2025-22226 CVE-2025-22224 CVE-2024-56325 CVE-2025-24085 CVE-2025-24472 CVE-2025-2229 CVE-2024-41055 CVE-2024-50629 CVE-2024-10441 CVE-2025-23120

FIN7 - FIN7 is a financially-motivated threat group that has been active since 2013. FIN7 has primarily targeted the retail, restaurant, hospitality, software, consulting, financial services, medical equipment, cloud services, media, food and beverage, ...
1 year ago Attack.mitre.org CVE-2023-34362 CVE-2025-0289 CVE-2025-0286 CVE-2025-0288 CVE-2025-22225 CVE-2025-22226 CVE-2025-22224 CVE-2024-56325 CVE-2025-24085 CVE-2025-24472 CVE-2025-2229 CVE-2024-41055 CVE-2024-50629 CVE-2024-10441 CVE-2025-23120

FIN8 - FIN8 is a financially motivated threat group that has been active since at least January 2016, and known for targeting organizations in the hospitality, retail, entertainment, insurance, technology, chemical, and financial sectors. In June 2021, ...
1 year ago Attack.mitre.org CVE-2023-34362 CVE-2025-0289 CVE-2025-0286 CVE-2025-0288 CVE-2025-22225 CVE-2025-22226 CVE-2025-22224 CVE-2024-56325 CVE-2025-24085 CVE-2025-24472 CVE-2025-2229 CVE-2024-41055 CVE-2024-50629 CVE-2024-10441 CVE-2025-23120

Fox Kitten - Fox Kitten is threat actor with a suspected nexus to the Iranian government that has been active since at least 2017 against entities in the Middle East, North Africa, Europe, Australia, and North America. Fox Kitten has targeted multiple industrial ...
1 year ago Attack.mitre.org CVE-2023-34362 CVE-2025-0289 CVE-2025-0286 CVE-2025-0288 CVE-2025-22225 CVE-2025-22226 CVE-2025-22224 CVE-2024-56325 CVE-2025-24085 CVE-2025-24472 CVE-2025-2229 CVE-2024-41055 CVE-2024-50629 CVE-2024-10441 CVE-2025-23120

GALLIUM - GALLIUM is a cyberespionage group that has been active since at least 2012, primarily targeting telecommunications companies, financial institutions, and government entities in Afghanistan, Australia, Belgium, Cambodia, Malaysia, Mozambique, the ...
1 year ago Attack.mitre.org CVE-2023-34362 CVE-2025-0289 CVE-2025-0286 CVE-2025-0288 CVE-2025-22225 CVE-2025-22226 CVE-2025-22224 CVE-2024-56325 CVE-2025-24085 CVE-2025-24472 CVE-2025-2229 CVE-2024-41055 CVE-2024-50629 CVE-2024-10441 CVE-2025-23120

Gallmaker - Gallmaker is a cyberespionage group that has targeted victims in the Middle East and has been active since at least December 2017. The group has mainly targeted victims in the defense, military, and government sectors. ...
1 year ago Attack.mitre.org CVE-2023-34362 CVE-2025-0289 CVE-2025-0286 CVE-2025-0288 CVE-2025-22225 CVE-2025-22226 CVE-2025-22224 CVE-2024-56325 CVE-2025-24085 CVE-2025-24472 CVE-2025-2229 CVE-2024-41055 CVE-2024-50629 CVE-2024-10441 CVE-2025-23120

Gamaredon Group - Gamaredon Group is a suspected Russian cyber espionage threat group that has targeted military, NGO, judiciary, law enforcement, and non-profit organizations in Ukraine since at least 2013. The name Gamaredon Group comes from a misspelling of the ...
1 year ago Attack.mitre.org CVE-2023-34362 CVE-2025-0289 CVE-2025-0286 CVE-2025-0288 CVE-2025-22225 CVE-2025-22226 CVE-2025-22224 CVE-2024-56325 CVE-2025-24085 CVE-2025-24472 CVE-2025-2229 CVE-2024-41055 CVE-2024-50629 CVE-2024-10441 CVE-2025-23120

GCMAN - GCMAN is a threat group that focuses on targeting banks for the purpose of transferring money to e-currency services. ...
1 year ago Attack.mitre.org CVE-2023-34362 CVE-2025-0289 CVE-2025-0286 CVE-2025-0288 CVE-2025-22225 CVE-2025-22226 CVE-2025-22224 CVE-2024-56325 CVE-2025-24085 CVE-2025-24472 CVE-2025-2229 CVE-2024-41055 CVE-2024-50629 CVE-2024-10441 CVE-2025-23120

GOLD SOUTHFIELD - GOLD SOUTHFIELD is a financially motivated threat group active since at least 2018 that operates the REvil Ransomware-as-a Service (RaaS). GOLD SOUTHFIELD provides backend infrastructure for affiliates recruited on underground forums to perpetrate ...
1 year ago Attack.mitre.org CVE-2023-34362 CVE-2025-0289 CVE-2025-0286 CVE-2025-0288 CVE-2025-22225 CVE-2025-22226 CVE-2025-22224 CVE-2024-56325 CVE-2025-24085 CVE-2025-24472 CVE-2025-2229 CVE-2024-41055 CVE-2024-50629 CVE-2024-10441 CVE-2025-23120

Gorgon Group - Gorgon Group is a threat group consisting of members who are suspected to be Pakistan-based or have other connections to Pakistan. The group has performed a mix of criminal and targeted attacks, including campaigns against government organizations in ...
1 year ago Attack.mitre.org CVE-2023-34362 CVE-2025-0289 CVE-2025-0286 CVE-2025-0288 CVE-2025-22225 CVE-2025-22226 CVE-2025-22224 CVE-2024-56325 CVE-2025-24085 CVE-2025-24472 CVE-2025-2229 CVE-2024-41055 CVE-2024-50629 CVE-2024-10441 CVE-2025-23120

Group5 - Group5 is a threat group with a suspected Iranian nexus, though this attribution is not definite. The group has targeted individuals connected to the Syrian opposition via spearphishing and watering holes, normally using Syrian and Iranian themes. ...
1 year ago Attack.mitre.org CVE-2023-34362 CVE-2025-0289 CVE-2025-0286 CVE-2025-0288 CVE-2025-22225 CVE-2025-22226 CVE-2025-22224 CVE-2024-56325 CVE-2025-24085 CVE-2025-24472 CVE-2025-2229 CVE-2024-41055 CVE-2024-50629 CVE-2024-10441 CVE-2025-23120

HAFNIUM - HAFNIUM is a likely state-sponsored cyber espionage group operating out of China that has been active since at least January 2021. HAFNIUM primarily targets entities in the US across a number of industry sectors, including infectious disease ...
1 year ago Attack.mitre.org CVE-2023-34362 CVE-2025-0289 CVE-2025-0286 CVE-2025-0288 CVE-2025-22225 CVE-2025-22226 CVE-2025-22224 CVE-2024-56325 CVE-2025-24085 CVE-2025-24472 CVE-2025-2229 CVE-2024-41055 CVE-2024-50629 CVE-2024-10441 CVE-2025-23120

HEXANE - HEXANE is a cyber espionage threat group that has targeted oil & gas, telecommunications, aviation, and internet service provider organizations since at least 2017. Targeted companies have been located in the Middle East and Africa, including ...
1 year ago Attack.mitre.org CVE-2023-34362 CVE-2025-0289 CVE-2025-0286 CVE-2025-0288 CVE-2025-22225 CVE-2025-22226 CVE-2025-22224 CVE-2024-56325 CVE-2025-24085 CVE-2025-24472 CVE-2025-2229 CVE-2024-41055 CVE-2024-50629 CVE-2024-10441 CVE-2025-23120

Higaisa - Higaisa is a threat group suspected to have South Korean origins. Higaisa has targeted government, public, and trade organizations in North Korea; however, they have also carried out attacks in China, Japan, Russia, Poland, and other nations. Higaisa ...
1 year ago Attack.mitre.org CVE-2023-34362 CVE-2025-0289 CVE-2025-0286 CVE-2025-0288 CVE-2025-22225 CVE-2025-22226 CVE-2025-22224 CVE-2024-56325 CVE-2025-24085 CVE-2025-24472 CVE-2025-2229 CVE-2024-41055 CVE-2024-50629 CVE-2024-10441 CVE-2025-23120

Inception - Inception is a cyber espionage group active since at least 2014. The group has targeted multiple industries and governmental entities primarily in Russia, but has also been active in the United States and throughout Europe, Asia, Africa, and the ...
1 year ago Attack.mitre.org CVE-2023-34362 CVE-2025-0289 CVE-2025-0286 CVE-2025-0288 CVE-2025-22225 CVE-2025-22226 CVE-2025-22224 CVE-2024-56325 CVE-2025-24085 CVE-2025-24472 CVE-2025-2229 CVE-2024-41055 CVE-2024-50629 CVE-2024-10441 CVE-2025-23120

IndigoZebra - IndigoZebra is a suspected Chinese cyber espionage group that has been targeting Central Asian governments since at least 2014. ...
1 year ago Attack.mitre.org CVE-2023-34362 CVE-2025-0289 CVE-2025-0286 CVE-2025-0288 CVE-2025-22225 CVE-2025-22226 CVE-2025-22224 CVE-2024-56325 CVE-2025-24085 CVE-2025-24472 CVE-2025-2229 CVE-2024-41055 CVE-2024-50629 CVE-2024-10441 CVE-2025-23120

Indrik Spider - Indrik Spider is a Russia-based cybercriminal group that has been active since at least 2014. Indrik Spider initially started with the Dridex banking Trojan, and then by 2017 they began running ransomware operations using BitPaymer, WastedLocker, and ...
1 year ago Attack.mitre.org CVE-2023-34362 CVE-2025-0289 CVE-2025-0286 CVE-2025-0288 CVE-2025-22225 CVE-2025-22226 CVE-2025-22224 CVE-2024-56325 CVE-2025-24085 CVE-2025-24472 CVE-2025-2229 CVE-2024-41055 CVE-2024-50629 CVE-2024-10441 CVE-2025-23120

Ke3chang - Ke3chang is a threat group attributed to actors operating out of China. Ke3chang has targeted oil, government, diplomatic, military, and NGOs in Central and South America, the Caribbean, Europe, and North America since at least 2010. ...
1 year ago Attack.mitre.org CVE-2023-34362 CVE-2025-0289 CVE-2025-0286 CVE-2025-0288 CVE-2025-22225 CVE-2025-22226 CVE-2025-22224 CVE-2024-56325 CVE-2025-24085 CVE-2025-24472 CVE-2025-2229 CVE-2024-41055 CVE-2024-50629 CVE-2024-10441 CVE-2025-23120

Western Alliance Bank says nearly 22,000 impacted by file transfer software breach | The Record from Recorded Future News - The Clop gang — which has conducted global data theft campaigns targeting file sharing tools MOVEit, GoAnywhere and Accellion over the last five years — initially named 66 companies in the fall of 2024 but has slowly been releasing the names of ...
5 days ago Therecord.media CVE-2023-34362 CVE-2025-0289 CVE-2025-0286 CVE-2025-0288 CVE-2025-22225 CVE-2025-22226 CVE-2025-22224 CVE-2024-56325 CVE-2025-24085 CVE-2025-24472 CVE-2025-2229 CVE-2024-41055 CVE-2024-50629 CVE-2024-10441 CVE-2025-23120

Half a million people impacted by Pennsylvania State Education Association data breach | The Record from Recorded Future News - The organization published breach notices in several states and on its website, warning its current and former members as well as their dependants that hackers broke into their systems last year and stole state IDs, Social Security numbers, financial ...
5 days ago Therecord.media CVE-2023-34362 CVE-2025-0289 CVE-2025-0286 CVE-2025-0288 CVE-2025-22225 CVE-2025-22226 CVE-2025-22224 CVE-2024-56325 CVE-2025-24085 CVE-2025-24472 CVE-2025-2229 CVE-2024-41055 CVE-2024-50629 CVE-2024-10441 CVE-2025-23120

Municipalities in four states are struggling with cyberattacks limiting services | The Record from Recorded Future News - The attack on Cleveland Municipal Court was claimed on Tuesday by the Qilin ransomware gang — a group responsible for other recent attacks on local governments, as well as critical healthcare entities in the U.K. The court did not respond to ...
5 days ago Therecord.media CVE-2023-34362 CVE-2025-0289 CVE-2025-0286 CVE-2025-0288 CVE-2025-22225 CVE-2025-22226 CVE-2025-22224 CVE-2024-56325 CVE-2025-24085 CVE-2025-24472 CVE-2025-2229 CVE-2024-41055 CVE-2024-50629 CVE-2024-10441 CVE-2025-23120

Zero-Hour Phishing Attacks Exploiting Browser Vulnerabilities Increases by 130% - These sophisticated attacks leverage unpatched security flaws in popular browsers to deploy malicious payloads before security teams can implement countermeasures, leaving users and organizations extremely vulnerable in the critical first hours of an ...
4 days ago Cybersecuritynews.com CVE-2023-34362 CVE-2025-0289 CVE-2025-0286 CVE-2025-0288 CVE-2025-22225 CVE-2025-22226 CVE-2025-22224 CVE-2024-56325 CVE-2025-24085 CVE-2025-24472 CVE-2025-2229 CVE-2024-41055 CVE-2024-50629 CVE-2024-10441 CVE-2025-23120

New BitM Attack Lets Hackers Steal User Sessions Within Seconds - BitM signifies a major shift in cyber threats, using browser functionalities to evade traditional security measures. This method exploits web browser functionalities to hijack authenticated sessions, posing a significant threat to organizations ...
6 days ago Cybersecuritynews.com CVE-2023-34362 CVE-2025-0289 CVE-2025-0286 CVE-2025-0288 CVE-2025-22225 CVE-2025-22226 CVE-2025-22224 CVE-2024-56325 CVE-2025-24085 CVE-2025-24472 CVE-2025-2229 CVE-2024-41055 CVE-2024-50629 CVE-2024-10441 CVE-2025-23120

Western Alliance Bank notifies 21,899 customers of data breach - The bank first revealed in a February SEC filing that the attackers exploited a zero-day vulnerability in the third-party software (disclosed by the vendor on October 27, 2024) to hack a limited number of Western Alliance systems and exfiltrate files ...
5 days ago Bleepingcomputer.com CVE-2023-34362 CVE-2025-0289 CVE-2025-0286 CVE-2025-0288 CVE-2025-22225 CVE-2025-22226 CVE-2025-22224 CVE-2024-56325 CVE-2025-24085 CVE-2025-24472 CVE-2025-2229 CVE-2024-41055 CVE-2024-50629 CVE-2024-10441 CVE-2025-23120

GitHub restores code following malicious changes to tj-actions tool | The Record from Recorded Future News - On Friday, cybersecurity firm StepSecurity warned of a security incident impacting the tj-actions/changed-files GitHub Action, a popular tool used to track file changes and trigger other actions depending on those alterations. Mureinik told Recorded ...
6 days ago Therecord.media CVE-2023-34362 CVE-2025-0289 CVE-2025-0286 CVE-2025-0288 CVE-2025-22225 CVE-2025-22226 CVE-2025-22224 CVE-2024-56325 CVE-2025-24085 CVE-2025-24472 CVE-2025-2229 CVE-2024-41055 CVE-2024-50629 CVE-2024-10441 CVE-2025-23120

New Clearfake Variant Leverages Fake reCAPTCHA To Trick Users Deliver Malicious PowerShell Code - The infection flow begins with injected JavaScript on compromised websites, which retrieves malicious code from blockchain smart contracts, ultimately leading to the display of fake security challenges. The latest variant, discovered in December ...
5 days ago Cybersecuritynews.com CVE-2023-34362 CVE-2025-0289 CVE-2025-0286 CVE-2025-0288 CVE-2025-22225 CVE-2025-22226 CVE-2025-22224 CVE-2024-56325 CVE-2025-24085 CVE-2025-24472 CVE-2025-2229 CVE-2024-41055 CVE-2024-50629 CVE-2024-10441 CVE-2025-23120

Sperm donation giant California Cryobank warns of a data breach - The investigation has determined that the attack exposed varying personal data for customers, including names, bank accounts and routing numbers, Social Security numbers, driver's license numbers, payment card numbers, and/or health insurance ...
5 days ago Bleepingcomputer.com CVE-2023-34362 CVE-2025-0289 CVE-2025-0286 CVE-2025-0288 CVE-2025-22225 CVE-2025-22226 CVE-2025-22224 CVE-2024-56325 CVE-2025-24085 CVE-2025-24472 CVE-2025-2229 CVE-2024-41055 CVE-2024-50629 CVE-2024-10441 CVE-2025-23120

Hackers Leveraging Azure App Proxy Pre-authentication to Access Orgs Private Network Resources - However, security researchers at TrustedSec have discovered that when administrators configure the pre-authentication option to “Passthrough” instead of the default “Microsoft Entra ID” setting, they effectively remove the ...
5 days ago Cybersecuritynews.com CVE-2023-34362 CVE-2025-0289 CVE-2025-0286 CVE-2025-0288 CVE-2025-22225 CVE-2025-22226 CVE-2025-22224 CVE-2024-56325 CVE-2025-24085 CVE-2025-24472 CVE-2025-2229 CVE-2024-41055 CVE-2024-50629 CVE-2024-10441 CVE-2025-23120

New Sophisticated Phishing Attack Exploiting Microsoft 365 Infrastructure To Attack Users - What makes this attack particularly dangerous is that traditional email authentication mechanisms cannot detect it since emails originate from legitimate Microsoft domains and pass all standard email security checks, directing victims to voice-based ...
6 days ago Cybersecuritynews.com CVE-2023-34362 CVE-2025-0289 CVE-2025-0286 CVE-2025-0288 CVE-2025-22225 CVE-2025-22226 CVE-2025-22224 CVE-2024-56325 CVE-2025-24085 CVE-2025-24472 CVE-2025-2229 CVE-2024-41055 CVE-2024-50629 CVE-2024-10441 CVE-2025-23120

Microsoft Warns of New StilachiRAT Stealing Remote Desktop Protocol Sessions Data - Microsoft has issued an urgent security advisory regarding a newly discovered malware strain called StilachiRAT, which specifically targets and exfiltrates data from Remote Desktop Protocol (RDP) sessions. Microsoft recommends organizations implement ...
6 days ago Cybersecuritynews.com CVE-2023-34362 CVE-2025-0289 CVE-2025-0286 CVE-2025-0288 CVE-2025-22225 CVE-2025-22226 CVE-2025-22224 CVE-2024-56325 CVE-2025-24085 CVE-2025-24472 CVE-2025-2229 CVE-2024-41055 CVE-2024-50629 CVE-2024-10441 CVE-2025-23120

Blockchain gaming platform WEMIX hacked to steal $6.1 million - During a press conference held yesterday, WEMIX's CEO Kim Seok-Hwan confirmed the incident occurred on February 28, 2025, explaining that the delay in issuing a public announcement wasn't an attempt to cover it up, but rather a conscious choice to ...
6 days ago Bleepingcomputer.com CVE-2023-34362 CVE-2025-0289 CVE-2025-0286 CVE-2025-0288 CVE-2025-22225 CVE-2025-22226 CVE-2025-22224 CVE-2024-56325 CVE-2025-24085 CVE-2025-24472 CVE-2025-2229 CVE-2024-41055 CVE-2024-50629 CVE-2024-10441 CVE-2025-23120

DocSwap Malware as Security Document Viewer Attacking Android Users Worldwide - A sophisticated malware campaign dubbed “DocSwap” has emerged targeting Android users globally by disguising itself as a legitimate document security and viewing application. S2W Security analysts noted that once installed, the malware ...
6 days ago Cybersecuritynews.com CVE-2023-34362 CVE-2025-0289 CVE-2025-0286 CVE-2025-0288 CVE-2025-22225 CVE-2025-22226 CVE-2025-22224 CVE-2024-56325 CVE-2025-24085 CVE-2025-24472 CVE-2025-2229 CVE-2024-41055 CVE-2024-50629 CVE-2024-10441 CVE-2025-23120

vUS Sperm Donor Giant California Cryobank Hacked - Customers' Personal Data Exposed - The cyber intrusion, which occurred on April 20, 2024, but remained undetected until October 4, 2024, has triggered mandatory breach notifications to affected individuals across multiple states, with formal notices sent to customers on March 14, ...
5 days ago Cybersecuritynews.com CVE-2023-34362 CVE-2025-0289 CVE-2025-0286 CVE-2025-0288 CVE-2025-22225 CVE-2025-22226 CVE-2025-22224 CVE-2024-56325 CVE-2025-24085 CVE-2025-24472 CVE-2025-2229 CVE-2024-41055 CVE-2024-50629 CVE-2024-10441 CVE-2025-23120

OKX suspends DEX aggregator after Lazarus hackers try to launder funds - OKX Web3 has decided to suspend its DEX aggregator services to implement security upgrades following reports of abuse by the notorious North Korean Lazarus hackers, who recently conducted a $1.5 billion crypto heist. OKX is a leading global ...
6 days ago Bleepingcomputer.com CVE-2023-34362 CVE-2025-0289 CVE-2025-0286 CVE-2025-0288 CVE-2025-22225 CVE-2025-22226 CVE-2025-22224 CVE-2024-56325 CVE-2025-24085 CVE-2025-24472 CVE-2025-2229 CVE-2024-41055 CVE-2024-50629 CVE-2024-10441 CVE-2025-23120

New AI Jailbreak Technique Bypasses Security Measures to Write Malware for Google Chrome - The 2025 Cato CTRL™ Threat Report, published on March 18, details how a threat intelligence researcher with zero malware coding experience successfully manipulated leading generative AI platforms including OpenAI’s ChatGPT, Microsoft Copilot, ...
5 days ago Cybersecuritynews.com CVE-2023-34362 CVE-2025-0289 CVE-2025-0286 CVE-2025-0288 CVE-2025-22225 CVE-2025-22226 CVE-2025-22224 CVE-2024-56325 CVE-2025-24085 CVE-2025-24472 CVE-2025-2229 CVE-2024-41055 CVE-2024-50629 CVE-2024-10441 CVE-2025-23120

New Arcane infostealer infects YouTube, Discord users via game cheats - A newly discovered information-stealing malware called Arcane is stealing extensive user data, including VPN account credentials, gaming clients, messaging apps, and information stored in web browsers. The campaign distributing Arcane Stealer relies ...
4 days ago Bleepingcomputer.com CVE-2023-34362 CVE-2025-0289 CVE-2025-0286 CVE-2025-0288 CVE-2025-22225 CVE-2025-22226 CVE-2025-22224 CVE-2024-56325 CVE-2025-24085 CVE-2025-24472 CVE-2025-2229 CVE-2024-41055 CVE-2024-50629 CVE-2024-10441 CVE-2025-23120

Kali Linux 2025.1a released with 1 new tool, annual theme refresh - Kali Linux has released version 2025.1a, the first version of 2025, with one new tool, desktop changes, and a theme refresh. With the year's first version, the Kali Team introduces a theme update consisting of new wallpapers and changes to the boot ...
4 days ago Bleepingcomputer.com CVE-2023-34362 CVE-2025-0289 CVE-2025-0286 CVE-2025-0288 CVE-2025-22225 CVE-2025-22226 CVE-2025-22224 CVE-2024-56325 CVE-2025-24085 CVE-2025-24472 CVE-2025-2229 CVE-2024-41055 CVE-2024-50629 CVE-2024-10441 CVE-2025-23120

Critical Synology Vulnerability Let Attackers Remote Execute Arbitrary Code - CVE-2024-10445: An improper certificate validation vulnerability in the update functionality with a CVSS score of 4.3 that enables adjacent attackers to write limited files. Cyber Security News is a Dedicated News Platform For Cyber News, Cyber ...
5 days ago Cybersecuritynews.com CVE-2023-34362 CVE-2025-0289 CVE-2025-0286 CVE-2025-0288 CVE-2025-22225 CVE-2025-22226 CVE-2025-22224 CVE-2024-56325 CVE-2025-24085 CVE-2025-24472 CVE-2025-2229 CVE-2024-41055 CVE-2024-50629 CVE-2024-10441 CVE-2025-23120

Beware of Fake GitHub "Security Alerts" Let Hackers Hijack Your Account Logins - The attackers have created GitHub accounts with deceptive names like “GitHub Notification” and proceed to open issues on well-known security repositories with the alarming title “Security Alert: Unusual Access Attempt”. ...
5 days ago Cybersecuritynews.com CVE-2023-34362 CVE-2025-0289 CVE-2025-0286 CVE-2025-0288 CVE-2025-22225 CVE-2025-22226 CVE-2025-22224 CVE-2024-56325 CVE-2025-24085 CVE-2025-24472 CVE-2025-2229 CVE-2024-41055 CVE-2024-50629 CVE-2024-10441 CVE-2025-23120

8-Year Old Windows Shortcut Zero-Day Exploited by 11 State-Sponsored Groups - Some North Korean threat actors, such as Earth Manticore (APT37) and Earth Imp (Konni), have been using extremely large .lnk files – with sizes up to 70.1 MB – containing excessive whitespace and junk content to further evade detection. ...
5 days ago Cybersecuritynews.com CVE-2023-34362 CVE-2025-0289 CVE-2025-0286 CVE-2025-0288 CVE-2025-22225 CVE-2025-22226 CVE-2025-22224 CVE-2024-56325 CVE-2025-24085 CVE-2025-24472 CVE-2025-2229 CVE-2024-41055 CVE-2024-50629 CVE-2024-10441 CVE-2025-23120

GitHub Action hack likely led to another in cascading supply chain attack - Last week, a supply chain attack on the tj-actions/changed-files GitHub Action caused malicious code to write CI/CD secrets to the workflow logs for 23,000 repositories. A cascading supply chain attack that began with the compromise of the ...
5 days ago Bleepingcomputer.com CVE-2023-34362 CVE-2025-0289 CVE-2025-0286 CVE-2025-0288 CVE-2025-22225 CVE-2025-22226 CVE-2025-22224 CVE-2024-56325 CVE-2025-24085 CVE-2025-24472 CVE-2025-2229 CVE-2024-41055 CVE-2024-50629 CVE-2024-10441 CVE-2025-23120

Former Michigan football coach indicted in hacks of athlete databases of more than 100 colleges | The Record from Recorded Future News - Prosecutors claimed Weiss "cracked the encryption" protecting passwords used by athletes themselves — a tactic he learned through "research that he did on the internet." He also searched through data breaches to find leaked ...
3 days ago Therecord.media CVE-2023-34362 CVE-2025-0289 CVE-2025-0286 CVE-2025-0288 CVE-2025-22225 CVE-2025-22226 CVE-2025-22224 CVE-2024-56325 CVE-2025-24085 CVE-2025-24472 CVE-2025-2229 CVE-2024-41055 CVE-2024-50629 CVE-2024-10441 CVE-2025-23120

Google Released Open Source Version of OSV-Scanner Tool for Vulnerability Scanning - Originally launched in December 2022, OSV-Scanner has become an essential tool for open-source security, providing developers with easy access to vulnerability information relevant to their projects. Developers across various programming languages ...
6 days ago Cybersecuritynews.com CVE-2023-34362 CVE-2025-0289 CVE-2025-0286 CVE-2025-0288 CVE-2025-22225 CVE-2025-22226 CVE-2025-22224 CVE-2024-56325 CVE-2025-24085 CVE-2025-24472 CVE-2025-2229 CVE-2024-41055 CVE-2024-50629 CVE-2024-10441 CVE-2025-23120

PoC Exploit Released for Use-after-free Linux Kernel Vulnerability - Security researchers have publicly released a proof-of-concept (PoC) exploit for CVE-2024-36904, a critical use-after-free vulnerability in the Linux kernel that has remained undetected for seven years. System administrators should prioritize ...
6 days ago Cybersecuritynews.com CVE-2023-34362 CVE-2025-0289 CVE-2025-0286 CVE-2025-0288 CVE-2025-22225 CVE-2025-22226 CVE-2025-22224 CVE-2024-56325 CVE-2025-24085 CVE-2025-24472 CVE-2025-2229 CVE-2024-41055 CVE-2024-50629 CVE-2024-10441 CVE-2025-23120

ChatGPT Vulnerability Actively Exploited to Attack Financial & Government Orgs in US - According to research by cybersecurity firm Veriti, this vulnerability has already been weaponized in numerous real-world attacks, demonstrating how threat actors can leverage even moderate security flaws to compromise sophisticated AI systems. Cyber ...
6 days ago Cybersecuritynews.com CVE-2023-34362 CVE-2025-0289 CVE-2025-0286 CVE-2025-0288 CVE-2025-22225 CVE-2025-22226 CVE-2025-22224 CVE-2024-56325 CVE-2025-24085 CVE-2025-24472 CVE-2025-2229 CVE-2024-41055 CVE-2024-50629 CVE-2024-10441 CVE-2025-23120

Google Parent Alphabet in Talks to Acquire Cyber Security Group Wiz for $30bn - The company’s platform analyzes cloud infrastructure across major providers, including Amazon Web Services, Microsoft Azure, Google Cloud Platform, and others, to identify security vulnerabilities and risks. The acquisition would significantly ...
6 days ago Cybersecuritynews.com CVE-2023-34362 CVE-2025-0289 CVE-2025-0286 CVE-2025-0288 CVE-2025-22225 CVE-2025-22226 CVE-2025-22224 CVE-2024-56325 CVE-2025-24085 CVE-2025-24472 CVE-2025-2229 CVE-2024-41055 CVE-2024-50629 CVE-2024-10441 CVE-2025-23120

Cloudflare to Implement Post-Quantum Cryptography to Defend Attacks from Quantum Computers - While not yet powerful enough to break conventional cryptography, experts warn of “harvest now, decrypt later” attacks where adversaries store encrypted data today to decrypt it once quantum technology matures. This approach provides ...
6 days ago Cybersecuritynews.com CVE-2023-34362 CVE-2025-0289 CVE-2025-0286 CVE-2025-0288 CVE-2025-22225 CVE-2025-22226 CVE-2025-22224 CVE-2024-56325 CVE-2025-24085 CVE-2025-24472 CVE-2025-2229 CVE-2024-41055 CVE-2024-50629 CVE-2024-10441 CVE-2025-23120

Bybit Hack - Sophisticated Multi-Stage Attack Details Revealed - The malicious code contained an activation condition targeting specific contract addresses, along with transaction validation tampering designed to bypass security checks. Sygnia researchers identified that the earliest malicious activity began on ...
5 days ago Cybersecuritynews.com CVE-2023-34362 CVE-2025-0289 CVE-2025-0286 CVE-2025-0288 CVE-2025-22225 CVE-2025-22226 CVE-2025-22224 CVE-2024-56325 CVE-2025-24085 CVE-2025-24472 CVE-2025-2229 CVE-2024-41055 CVE-2024-50629 CVE-2024-10441 CVE-2025-23120

CISA Warns of Fortinet FortiOS Authentication Bypass Vulnerability - “An Authentication Bypass Using an Alternate Path or Channel vulnerability affecting FortiOS and FortiProxy may allow a remote attacker to gain super-admin privileges via crafted CSF proxy requests,” states the Fortinet advisory. The ...
5 days ago Cybersecuritynews.com CVE-2023-34362 CVE-2025-0289 CVE-2025-0286 CVE-2025-0288 CVE-2025-22225 CVE-2025-22226 CVE-2025-22224 CVE-2024-56325 CVE-2025-24085 CVE-2025-24472 CVE-2025-2229 CVE-2024-41055 CVE-2024-50629 CVE-2024-10441 CVE-2025-23120

Microsoft to End Support for Windows 10, No More Security Updates! - “After October 14, 2025, Microsoft will no longer provide free software updates from Windows Update, technical assistance, or security fixes for Windows 10,” states the notification being distributed to users. After this date, the tech ...
5 days ago Cybersecuritynews.com CVE-2023-34362 CVE-2025-0289 CVE-2025-0286 CVE-2025-0288 CVE-2025-22225 CVE-2025-22226 CVE-2025-22224 CVE-2024-56325 CVE-2025-24085 CVE-2025-24472 CVE-2025-2229 CVE-2024-41055 CVE-2024-50629 CVE-2024-10441 CVE-2025-23120

PHP RCE Vulnerability Actively Exploited in Wild to Attack Windows-based Systems - Security researchers at Bitdefender Labs have detected a significant surge in exploitation attempts targeting a critical PHP vulnerability that allows attackers to execute malicious code on Windows-based systems. The vulnerability, tracked as ...
5 days ago Cybersecuritynews.com CVE-2023-34362 CVE-2025-0289 CVE-2025-0286 CVE-2025-0288 CVE-2025-22225 CVE-2025-22226 CVE-2025-22224 CVE-2024-56325 CVE-2025-24085 CVE-2025-24472 CVE-2025-2229 CVE-2024-41055 CVE-2024-50629 CVE-2024-10441 CVE-2025-23120

Arcane Stealer Via YouTube Videos Steal Data From Network Utilities Including VPN & FileZilla - Security experts advise users to be extremely cautious when downloading supposed game cheats or cracks from YouTube videos, particularly those that require extracting password-protected archives or running batch files. The malware, discovered in late ...
5 days ago Cybersecuritynews.com CVE-2023-34362 CVE-2025-0289 CVE-2025-0286 CVE-2025-0288 CVE-2025-22225 CVE-2025-22226 CVE-2025-22224 CVE-2024-56325 CVE-2025-24085 CVE-2025-24472 CVE-2025-2229 CVE-2024-41055 CVE-2024-50629 CVE-2024-10441 CVE-2025-23120

Microsoft: Exchange Online bug mistakenly quarantines user emails - Customers have been reporting experiencing similar problems over the last two days, including having issues accessing the Quarantine Review page when using Microsoft Defender for 365 for email protection and ...
2 days ago Bleepingcomputer.com CVE-2023-34362 CVE-2025-0289 CVE-2025-0286 CVE-2025-0288 CVE-2025-22225 CVE-2025-22226 CVE-2025-22224 CVE-2024-56325 CVE-2025-24085 CVE-2025-24472 CVE-2025-2229 CVE-2024-41055 CVE-2024-50629 CVE-2024-10441 CVE-2025-23120

Kentico Xperience CMS Authentication Bypass Vulnerability Leads to Remote Code Execution - The second bypass exploits a logical flaw in Microsoft’s obsolete Web Services Enhancement 3.0 library, where the system fails to validate tokens with the “SendNone” password option. By manipulating SOAP requests to use password ...
6 days ago Cybersecuritynews.com CVE-2023-34362 CVE-2025-0289 CVE-2025-0286 CVE-2025-0288 CVE-2025-22225 CVE-2025-22226 CVE-2025-22224 CVE-2024-56325 CVE-2025-24085 CVE-2025-24472 CVE-2025-2229 CVE-2024-41055 CVE-2024-50629 CVE-2024-10441 CVE-2025-23120

23,000 GitHub Repositories Targeted In Supply Chain Attack - In a massive security breach discovered this week, approximately 23,000 GitHub repositories have been compromised in what security experts are calling one of the largest supply chain attacks to date. Organizations should review their software supply ...
6 days ago Cybersecuritynews.com CVE-2023-34362 CVE-2025-0289 CVE-2025-0286 CVE-2025-0288 CVE-2025-22225 CVE-2025-22226 CVE-2025-22224 CVE-2024-56325 CVE-2025-24085 CVE-2025-24472 CVE-2025-2229 CVE-2024-41055 CVE-2024-50629 CVE-2024-10441 CVE-2025-23120

Oracle denies breach after hacker claims theft of 6 million data records - As further proof that they had access to Oracle Cloud servers, the threat actor shared this URL with BleepingComputer, showing an Internet Archive URL that indicates they uploaded a .txt file containing their ProtonMail email address to the ...
2 days ago Bleepingcomputer.com CVE-2023-34362 CVE-2025-0289 CVE-2025-0286 CVE-2025-0288 CVE-2025-22225 CVE-2025-22226 CVE-2025-22224 CVE-2024-56325 CVE-2025-24085 CVE-2025-24472 CVE-2025-2229 CVE-2024-41055 CVE-2024-50629 CVE-2024-10441 CVE-2025-23120

Telegram CEO Returns to Dubai Amid French Investigation Continues - Pavel Durov, founder and CEO of Telegram, announced his return to Dubai on Monday following months of judicial supervision in France as investigations into alleged criminal activities on his messaging platform continue. In a statement posted on his ...
6 days ago Cybersecuritynews.com CVE-2023-34362 CVE-2025-0289 CVE-2025-0286 CVE-2025-0288 CVE-2025-22225 CVE-2025-22226 CVE-2025-22224 CVE-2024-56325 CVE-2025-24085 CVE-2025-24472 CVE-2025-2229 CVE-2024-41055 CVE-2024-50629 CVE-2024-10441 CVE-2025-23120

CVE-2025-30138 - An issue was discovered on G-Net Dashcam BB GONX devices. Managing Settings and Obtaining Sensitive Data and Sabotaging Car Battery can be performed by unauthorized persons. It allows unauthorized users to modify critical system settings once ...
5 days ago CVE-2023-34362 CVE-2025-0289 CVE-2025-0286 CVE-2025-0288 CVE-2025-22225 CVE-2025-22226 CVE-2025-22224 CVE-2024-56325 CVE-2025-24085 CVE-2025-24472 CVE-2025-2229 CVE-2024-41055 CVE-2024-50629 CVE-2024-10441 CVE-2025-23120

GIMP 3.0 Image Editor Released For Linux, macOS, Unix, and Windows - At long last, the first release of GIMP 3.0 is here! This is the end result of seven years of rigorous development by volunteer developers, designers, artists, and community members (for reference, GIMP 2.10 was first published in 2018). Color ...
6 days ago Cybersecuritynews.com CVE-2023-34362 CVE-2025-0289 CVE-2025-0286 CVE-2025-0288 CVE-2025-22225 CVE-2025-22226 CVE-2025-22224 CVE-2024-56325 CVE-2025-24085 CVE-2025-24472 CVE-2025-2229 CVE-2024-41055 CVE-2024-50629 CVE-2024-10441 CVE-2025-23120

Squid Werewolf Mimic as Recruiters Attacking Job Seekers To Exfiltrate Personal Data - To protect against such threats, security experts recommend implementing email security solutions, avoiding opening attachments from unknown senders, and deploying endpoint detection and response tools capable of identifying suspicious PowerShell ...
6 days ago Cybersecuritynews.com CVE-2023-34362 CVE-2025-0289 CVE-2025-0286 CVE-2025-0288 CVE-2025-22225 CVE-2025-22226 CVE-2025-22224 CVE-2024-56325 CVE-2025-24085 CVE-2025-24472 CVE-2025-2229 CVE-2024-41055 CVE-2024-50629 CVE-2024-10441 CVE-2025-23120

New Windows zero-day exploited by 11 state hacking groups since 2017 - The Windows zero-day, tracked as ZDI-CAN-25373, is caused by a User Interface (UI) Misrepresentation of Critical Information (CWE-451) weakness, which allows attackers to exploit how Windows displays shortcut (.lnk) files to evade detection and ...
5 days ago Bleepingcomputer.com CVE-2023-34362 CVE-2025-0289 CVE-2025-0286 CVE-2025-0288 CVE-2025-22225 CVE-2025-22226 CVE-2025-22224 CVE-2024-56325 CVE-2025-24085 CVE-2025-24472 CVE-2025-2229 CVE-2024-41055 CVE-2024-50629 CVE-2024-10441 CVE-2025-23120

Windows File Explorer Vulnerability Let Attackers Perform Network Spoofing - PoC Released - Security researchers have released a proof-of-concept exploit demonstrating this high-severity flaw, which Microsoft patched in its March 2025 updates. Security experts recommend keeping all Microsoft products updated and implementing additional ...
5 days ago Cybersecuritynews.com CVE-2023-34362 CVE-2025-0289 CVE-2025-0286 CVE-2025-0288 CVE-2025-22225 CVE-2025-22226 CVE-2025-22224 CVE-2024-56325 CVE-2025-24085 CVE-2025-24472 CVE-2025-2229 CVE-2024-41055 CVE-2024-50629 CVE-2024-10441 CVE-2025-23120

Threat Actors Exploiting DLL Side-Loading Vulnerability in Google Chrome to Execute Malicious Payloads - Cybersecurity researchers have identified a concerning new attack vector where threat actors are actively exploiting a vulnerability in Google Chrome version 133.0.6943.126 through DLL side-loading techniques. This sophisticated attack allows ...
5 days ago Cybersecuritynews.com CVE-2023-34362 CVE-2025-0289 CVE-2025-0286 CVE-2025-0288 CVE-2025-22225 CVE-2025-22226 CVE-2025-22224 CVE-2024-56325 CVE-2025-24085 CVE-2025-24472 CVE-2025-2229 CVE-2024-41055 CVE-2024-50629 CVE-2024-10441 CVE-2025-23120

Cloudflare Launches Cloudforce One Threat Platform to Analyze IoCs, IP, Hashes, & Domains - By providing contextual information about cyber threats instead of isolated indicators, Cloudflare’s Cloudforce One threat events platform represents a significant advancement in operational threat intelligence, enabling security teams to ...
5 days ago Cybersecuritynews.com CVE-2023-34362 CVE-2025-0289 CVE-2025-0286 CVE-2025-0288 CVE-2025-22225 CVE-2025-22226 CVE-2025-22224 CVE-2024-56325 CVE-2025-24085 CVE-2025-24472 CVE-2025-2229 CVE-2024-41055 CVE-2024-50629 CVE-2024-10441 CVE-2025-23120

Russian Seller Offering Record Breaking $4,000,000 for Telegram 0-Day Exploits - A Russian exploit brokerage firm, Operation Zero, has publicly announced bounties of up to $4 million for zero-day vulnerabilities in Telegram, signaling heightened state-sponsored interest in compromising the popular messaging app. The same ...
2 days ago Cybersecuritynews.com CVE-2023-34362 CVE-2025-0289 CVE-2025-0286 CVE-2025-0288 CVE-2025-22225 CVE-2025-22226 CVE-2025-22224 CVE-2024-56325 CVE-2025-24085 CVE-2025-24472 CVE-2025-2229 CVE-2024-41055 CVE-2024-50629 CVE-2024-10441 CVE-2025-23120

Microsoft: New RAT malware used for crypto theft, reconnaissance - Last but not least, Microsoft says StilachiRAT allows command execution and potential SOCKS-like proxying using commands from a command-and-control (C2) server to the infected devices, which can let the threat actors reboot the compromised system, ...
6 days ago Bleepingcomputer.com CVE-2023-34362 CVE-2025-0289 CVE-2025-0286 CVE-2025-0288 CVE-2025-22225 CVE-2025-22226 CVE-2025-22224 CVE-2024-56325 CVE-2025-24085 CVE-2025-24472 CVE-2025-2229 CVE-2024-41055 CVE-2024-50629 CVE-2024-10441 CVE-2025-23120

CVE-2025-30139 - An issue was discovered on G-Net Dashcam BB GONX devices. Default credentials for SSID cannot be changed. It broadcasts a fixed SSID with default credentials that cannot be changed. This allows any nearby attacker to connect to the dashcam's ...
5 days ago CVE-2023-34362 CVE-2025-0289 CVE-2025-0286 CVE-2025-0288 CVE-2025-22225 CVE-2025-22226 CVE-2025-22224 CVE-2024-56325 CVE-2025-24085 CVE-2025-24472 CVE-2025-2229 CVE-2024-41055 CVE-2024-50629 CVE-2024-10441 CVE-2025-23120

CVE-2025-30141 - An issue was discovered on G-Net Dashcam BB GONX devices. One can Remotely Dump Video Footage and the Live Video Stream. It exposes API endpoints on ports 9091 and 9092 that allow remote access to recorded and live video feeds. An attacker who ...
5 days ago CVE-2023-34362 CVE-2025-0289 CVE-2025-0286 CVE-2025-0288 CVE-2025-22225 CVE-2025-22226 CVE-2025-22224 CVE-2024-56325 CVE-2025-24085 CVE-2025-24472 CVE-2025-2229 CVE-2024-41055 CVE-2024-50629 CVE-2024-10441 CVE-2025-23120