Emerging HanGhost Loader Malware Targets Corporate Finance and Operations A new malware campaign centered around the HanGhost loader is making waves, specifically targeting corporate environments. This malicious initiative primarily aims at employees involved in payment processing, logistics, and contract management. With a stealthy approach designed to evade detection, HanGhost seeks…
On Friday, Microsoft reported a significant security incident involving the exploitation of two zero-day vulnerabilities in Microsoft Exchange servers by a single threat actor group as far back as August 2022. This group successfully gained initial access through coordinated attacks targeting fewer than ten organizations worldwide. The compromises facilitated the…
Open source developers utilizing GitHub have been alerted to a phishing email campaign aimed at infecting their systems with a sophisticated malware trojan known as Dimnie. This malicious software is designed to perform reconnaissance and espionage, enabling attackers to steal login credentials, download confidential files, capture screenshots, log keystrokes on…
The infamous hacking collective known as Dragonfly has resurfaced, renewing its focus on targeting energy sector companies in the United States and Europe. Having been active since at least 2011, this well-resourced group is notorious for its sophisticated cyber-espionage campaigns aimed at critical infrastructure, particularly within the energy domain. Research…
Cybercriminals, notably state-sponsored hackers, have begun exploiting a newly uncovered vulnerability in Microsoft Office that the company has not classified as a security risk nor plans to address with a patch. This vulnerability involves the Dynamic Data Exchange (DDE) feature in Microsoft Office, which allows applications to share data seamlessly…
Exploitation of Critical PaperCut Vulnerability Raises Alarm in Cybersecurity Community Recent findings by cybersecurity researchers have uncovered a concerning method for exploiting a recently identified critical vulnerability in PaperCut servers, which appears to outsmart existing detection mechanisms. The flaw, cataloged as CVE-2023-27350 and carrying a CVSS score of 9.8, poses…
New Ransomware CACTUS Exploits VPN Vulnerabilities in Ongoing Cyber Attacks Cybersecurity researchers have identified a new strain of ransomware, dubbed CACTUS, which exploits known vulnerabilities in VPN appliances to gain entry into targeted networks. This ransomware variant has primarily targeted large commercial enterprises since its emergence in March 2023. Upon…
Between late December 2025 and mid-January 2026, a sophisticated cyber operation targeted government officials and international diplomats. Researchers from Dream Labs uncovered that the hackers, identified as the China-backed Mustang Panda group (also known as HoneyMyte), successfully impersonated U.S. and other international entities. They utilized counterfeit documents to deceive high-level…
Researchers have identified a significant vulnerability in the Credential Security Support Provider protocol (CredSSP), impacting all current versions of Windows. This flaw could empower remote attackers to exploit both Remote Desktop Protocol (RDP) and Windows Remote Management (WinRM) to gain unauthorized access to sensitive data and execute malicious code on…
