Security
Headlines
HeadlinesLatestCVEs

Tag

#backdoor

RedDelta Deploys PlugX Malware to Target Mongolia and Taiwan in Espionage Campaigns

Mongolia, Taiwan, Myanmar, Vietnam, and Cambodia have been targeted by the China-nexus RedDelta threat actor to deliver a customized version of the PlugX backdoor between July 2023 and December 2024. "The group used lure documents themed around the 2024 Taiwanese presidential candidate Terry Gou, the Vietnamese National Holiday, flood protection in Mongolia, and meeting invitations, including an

The Hacker News
Open in Source
#backdoor#mongo#The Hacker News
Thousands of Live Hacker Backdoors Found in Expired Domains

SUMMARY Cybersecurity researchers at watchTowr have identified over 4,000 live hacker backdoors, exploiting abandoned infrastructure and expired domains.…

New EAGERBEE Variant Targets ISPs and Governments with Advanced Backdoor Capabilities

Internet service providers (ISPs) and governmental entities in the Middle East have been targeted using an updated variant of the EAGERBEE malware framework. The new variant of EAGERBEE (aka Thumtais) comes fitted with various components that allow the backdoor to deploy additional payloads, enumerate file systems, and execute commands shells, demonstrating a significant evolution. "The key

FireScam Android Spyware Campaign Poses 'Significant Threat Worldwide'

A fake Telegram Premium app delivers information-stealing malware, in a prime example of the rising threat of adversaries leveraging everyday applications, researchers say.

EagerBee Backdoor Takes Flight Against Mideast ISPs, Government Targets

The malware, operated by China-backed cyberattackers, has been significantly fortified with new evasive and post-infection capabilities.

PLAYFULGHOST Delivered via Phishing and SEO Poisoning in Trojanized VPN Apps

Cybersecurity researchers have flagged a new malware called PLAYFULGHOST that comes with a wide range of information-gathering features like keylogging, screen capture, audio capture, remote shell, and file transfer/execution. The backdoor, according to Google's Managed Defense team, shares functional overlaps with a known remote administration tool referred to as Gh0st RAT, which had its source

Emerging Threats & Vulnerabilities to Prepare for in 2025

From zero-day exploits to 5G network vulnerabilities, these are the threats that are expected to persist over the next 12 months.

Middle East Cyberwar Rages On, With No End in Sight

Since October 2023, cyberattacks among countries in the Middle East have persisted, fueled by the conflict between Israel and Hamas, reeling in others on a global scale.

US Ban on TP-Link Routers More About Politics Than Exploitation Risk

While a number of threat groups have used TP-Link bugs to infiltrate networks, a proposed ban of the company's popular routers is more about geopolitics than actual cybersecurity — and that may not be a bad thing.

Lazarus Group Spotted Targeting Nuclear Engineers with CookiePlus Malware

The Lazarus Group, an infamous threat actor linked to the Democratic People's Republic of Korea (DPRK), has been observed leveraging a "complex infection chain" targeting at least two employees belonging to an unnamed nuclear-related organization within the span of one month in January 2024. The attacks, which culminated in the deployment of a new modular backdoor referred to as CookiePlus, are