An email vulnerability let hackers steal data from governments around the world

An email vulnerability let hackers steal data from governments around the world

Google's Threat Analysis Group revealed on Thursday that it discovered and worked to help patch an email server flaw used to steal data from governments in Greece, Moldova, Tunisia, Vietnam and Pakistan. The exploit, known as CVE-2023-37580, targeted email server...
APTs Swarm Zimbra Zero-Day to Steal Government Info Worldwide

APTs Swarm Zimbra Zero-Day to Steal Government Info Worldwide

At least four separate cyberattack groups have used a former zero-day security vulnerability in the Zimbra Collaboration Suite (ZCS) to steal email data, user credentials, and authentication tokens from government organizations globally.ZCS is an email server, calendaring, and chat and...
Popular PyPI Package ‘ctx’ and PHP Library ‘phpass’ Hijacked to Steal AWS Keys

Popular PyPI Package ‘ctx’ and PHP Library ‘phpass’ Hijacked to Steal AWS Keys

Two trojanized Python and PHP packages have been uncovered in what's yet one more occasion of a software program provide chain assault concentrating on the open supply ecosystem. One of the packages in query is "ctx," a Python module obtainable...

These Iranian hackers disguised themselves as scholars to steal email passwords

The Iranian cyber spy marketing campaign used a phishing assault designed to steal Middle Eastern knowledgeable password particulars from universities, suppose tanks, and the media utilizing the spoofing IDs of actual scholars at British universities. The marketing campaign, dubbed Operation...

These Iranian hackers posed as academics in a bid to steal email passwords

An Iranian cyber espionage marketing campaign used spoofed identities of actual academics at a UK college in phishing assaults designed to steal password particulars of specialists in Middle Eastern affairs from universities, suppose tanks and the media. Detailed by cybersecurity researchers...

ALPACA gnaws through TLS protection to snarf cookies and steal data • The Register

Academics from three German universities have discovered a vulnerability within the Transport Layer Security (TLS) protocol that underneath restricted circumstances permits the theft of session cookies and allows cross-site scripting assaults. Dubbed ALPACA, which is brief for "Application Layer Protocol...

Panda Stealer dropped in Excel files, spreads through Discord to steal user cryptocurrency

A brand new cryptocurrency stealer variant is being unfold through a worldwide spam marketing campaign and probably through Discord channels.  Dubbed Panda Stealer, Trend Micro researchers said this week that the malware has been discovered concentrating on people throughout international...