ALERTS EXPLOIT




| DATE | NAME | INFO | CATEGORY | SUBCATE |
|---|---|---|---|---|
| 29.4.25 | China-linked threat actors exploit NFC Tech | China-linked threat actors are exploiting NFC technologies for fraudulent activities targeting financial institutions worldwide, causing significant losses. Sophisticated tools like Z-NFC and King NFC are used to facilitate illegal transactions. These tools leverage Near Field Communication (NFC) technology, which is essential for contactless payments and applications relying on Host Card Emulation (HCE). | ALERTS | EXPLOIT |
| 27.1.25 | GTA VI Hype Exploited: Malware Masquerades as Early Alpha Access | The hype surrounding popular games often becomes a breeding ground for cybercrime, and Grand Theft Auto VI, the highly anticipated next installment in Rockstar Games' iconic open-world action-adventure series, is no exception. Officially announced in December 2023, the game is set to release in late 2025 for PlayStation and Xbox. | ALERTS | EXPLOIT |
| 8.8.24 | SbaProxy leveraged to hijack legitimate antivirus software | A recent report detailed how threat actors are leveraging a tool dubbed 'SbaProxy', disguised as a legitimate antivirus software component, to create a proxy connection through a C2 server. The tool is distributed with malicious intent in multiple formats, such as DLLs, EXEs, and PowerShell scripts, and is challenging to detect due to its authentic look and advanced functionality. | ALERTS | EXPLOIT |
| 27.7.24 | Malware campaign exploits SEO poisoning to target W2 Form seekers | A malware campaign has been reported targeting users searching for W2 forms through SEO poisoning techniques. Victims are redirected to spoofed IRS websites, where they are lured into downloading a JS file disguised as a W2 form. | ALERTS | EXPLOIT |
| 19.7.24 | Zero-Day Exploit: Malicious .url Files Leveraging CVE-2024-38112 on Windows | An ongoing campaign targeting Windows users has been observed. Threat actors distribute phishing emails containing Windows Internet Shortcut files with a .url extension. | ALERTS | EXPLOIT |
| 10.5.24 | Exploitation of Ivanti Pulse Secure vulnerabilities for Mirai botnet delivery | In January of this year, Ivanti reported two vulnerabilities, CVE-2023-46805 (Authentication Bypass) and CVE-2024-21887 (Command Injection), affecting Ivanti Connect Secure and Ivanti Policy Secure Gateways. | ALERTS | EXPLOIT |
| 10.5.24 | Russian bulletproof hosting services exploited for malicious activities, SocGholish malware campaigns | The use of Russian bulletproof hosting services for hosting malicious activities, including command-and-control (C2) servers and phishing pages distributing SocGholish malware, has been reported. Multiple malware campaigns in recent months have utilized the Matanbuchus loader, with their C2 infrastructure hosted on bulletproof hosting services like "Proton66 OOO". | ALERTS | EXPLOIT |