A new variant of the Vega ransomware family, designated as Zeppelin, has recently emerged, specifically targeting technology and healthcare sectors across Europe, the United States, and Canada. This development raises significant concerns in the cybersecurity community, especially for organizations reliant on technology infrastructure and sensitive data handling. Interestingly, Zeppelin appears…
The threat actor identified as UAC-0099 has intensified its campaign targeting Ukraine, utilizing a critical vulnerability in the WinRAR software to distribute the malware variant known as LONEPAGE. This method highlights a significant shift in tactics, emphasizing the exploitation of existing software vulnerabilities to facilitate attacks. According to cybersecurity firm…
Emotet Malware: A Case Study in Cybersecurity Countermeasures In a notable development in cybersecurity, research into the Emotet malware—a widely recognized email-based threat responsible for numerous botnet-driven spam and ransomware assaults—has revealed a significant vulnerability. Cybersecurity experts were able to exploit this flaw to implement a temporary kill-switch, effectively halting…
Malicious GitHub Repository Impersonating CVE-2025-55182 Scanner Exposed A GitHub repository masquerading as a vulnerability scanner for CVE-2025-55182, commonly known as “React2Shell,” was recently uncovered as a source of malware. The project, titled React2shell-scanner, was associated with the GitHub user niha0wa but has been removed from the platform after community alerts…
A recently released report by Check Point Research reveals a resurgence of cyberattacks linked to a cyberespionage group said to be affiliated with the Kazakh and Lebanese governments. This group has revisited a 13-year-old backdoor Trojan, modifying it for current use against various sectors. Known as Dark Caracal, the hackers…
Cybersecurity Experts Uncover New Windows Backdoor Tied to DeathStalker Group Cybersecurity researchers announced on Thursday the discovery of an in-memory Windows backdoor, named “PowerPepper,” linked to a hacker-for-hire collective. This sophisticated malware is capable of executing malicious code remotely and extracting sensitive information from targets across Asia, Europe, and the…
Barracuda’s latest cybersecurity report highlights a concerning rise in the unauthorized use of trusted tools, notably ScreenConnect, for remote access, coupled with a notable increase in Microsoft 365 login attempts from unfamiliar locations. The findings suggest that attackers are leveraging popular legitimate software and stolen credentials to infiltrate business networks…
New Phishing Campaign Targets Credentials Using MassLogger Malware A resurgence of the MassLogger malware has been detected, targeting credentials from major platforms including Microsoft Outlook, Google Chrome, and various instant messaging applications. This phishing campaign, primarily aimed at users in Turkey, Latvia, and Italy, began in mid-January and builds upon…
Recent cybersecurity investigations have revealed that hackers believed to be affiliated with Iran are intensively targeting academic institutions, government bodies, and tourism organizations throughout the Middle East and its neighboring countries. This campaign appears to be focused on espionage and data theft. Trend Micro has named this operation “Earth Vetala,”…
