Cybersecurity experts have identified a significant vulnerability in Jenkins, a widely-used continuous integration and delivery platform. Attackers can exploit improperly configured Jenkins Script Console instances to facilitate malicious activities, including cryptocurrency mining. Shubham Singh and Sunil Bharti from Trend Micro recently detailed this risk, noting that misconfigurations related to authentication…
ViperSoftX Malware Exploits eBook Distribution for Stealthy PowerShell Execution The sophisticated malware known as ViperSoftX has recently been detected in a new distribution method involving the use of eBooks shared through torrent sites. Since its first identification by Fortinet in 2020, ViperSoftX has become notorious for its ability to exfiltrate…
Cyber threat actors are now actively taking advantage of a critical vulnerability that has been recently patched in Atlassian Confluence Data Center and Confluence Server software. This vulnerability has been leveraged to facilitate unauthorized cryptocurrency mining on vulnerable systems. According to Trend Micro’s researcher Abdelrahman Esmail, the attackers have employed…
New Malware Campaign Targets Japanese Organizations: A Deep Dive into the Cuckoo Spear Campaign Recent intelligence from Israeli cybersecurity firm Cybereason has unveiled a sophisticated malware campaign that poses significant threats to organizations in Japan. This operation is led by a nation-state actor from China, which has been leveraging advanced…
The China-supported hacking group known as Earth Baku has expanded its operational focus, shifting from mainly Indo-Pacific targets to include nations across Europe, the Middle East, and Africa since late 2022. Countries recently identified as potential targets of this group include Italy, Germany, the United Arab Emirates, and Qatar, with…
