#threat-actor

[ follow ]
#cybersecurity #data-breach #malware #command-and-control #discord #microsoft-graph-api #backdoors #vulnerability
Information security
fromThe Hacker News
1 week ago

Webworm Deploys EchoCreep and GraphWorm Backdoors Using Discord and MS Graph API

Webworm uses Discord and Microsoft Graph API for command-and-control, deploying new backdoors in 2025 and blending malware via a WordPress-impersonating GitHub repository.
#cybersecurity
Information security
fromThe Hacker News
3 weeks ago

Critical cPanel Vulnerability Weaponized to Target Government and MSP Networks

A new threat actor targets Southeast Asian government and military entities by exploiting a critical cPanel vulnerability.
Information security
fromSecurityWeek
1 month ago

UNC6692 Uses Email Bombing, Social Engineering to Deploy 'Snow' Malware

A threat actor, UNC6692, impersonates IT support to deploy malware through phishing emails and malicious browser extensions.
fromDataBreaches.Net
7 months ago
Information security

Qantas says 'legal protections in place' as ScatteredLAPSUS$Hunters group threatens to release personal data - DataBreaches.Net

Information security
fromThe Hacker News
3 weeks ago

Critical cPanel Vulnerability Weaponized to Target Government and MSP Networks

A new threat actor targets Southeast Asian government and military entities by exploiting a critical cPanel vulnerability.
Information security
fromSecurityWeek
1 month ago

UNC6692 Uses Email Bombing, Social Engineering to Deploy 'Snow' Malware

A threat actor, UNC6692, impersonates IT support to deploy malware through phishing emails and malicious browser extensions.
fromDataBreaches.Net
7 months ago
Information security

Qantas says 'legal protections in place' as ScatteredLAPSUS$Hunters group threatens to release personal data - DataBreaches.Net

more#cybersecurity
fromSecurityWeek
3 months ago

Ad Tech Company Optimizely Targeted in Cyberattack

The threat actor gained access to Optimizely's systems through a sophisticated voice-phishing attack, but was unable to escalate privileges, install software, or create any backdoors in the Optimizely environment. The incident was confined to certain internal business systems including Zendesk, records in our Salesforce CRM, and a limited set of internal documents used for back-office operations.
Information security
[ Load more ]