SHub Reaper Stealer Backdoors macOS via Spoofed Apps
SHub Reaper stealer targets macOS, using fake Google, Microsoft, Apple, WeChat, and Miro installers for AppleScript-based execution and backdooring.
SHub macOS Infostealer Spoofs Apple Security Updates, Installs Backdoor
A new SHub macOS infostealer variant employs fake Apple security update prompts via AppleScript to install a backdoor, threatening user data and system integrity.

Silver Fox APT: Tax-Themed Phishing Delivers ABCDoor to India, Russia
China-backed Silver Fox APT targets organizations in India and Russia with over 1,600 tax-themed phishing messages to deploy ABCDoor backdoor and ValleyRAT.
WordPress Quick Page/Post Redirect Backdoor: Arbitrary Code Injection
A dormant backdoor in the Quick Page/Post Redirect WordPress plugin allowed arbitrary code injection for five years on over 70,000 sites. Learn mitigation.
UNC6692 Targets Microsoft Teams to Deploy Snow Malware
UNC6692 is leveraging Microsoft Teams and social engineering to deliver the modular Snow malware suite, facilitating long-term persistence and data theft.
Firestarter Backdoor Infects Cisco Firewall at US Federal Agency
Analysis of the Firestarter backdoor on Cisco firewalls, detailing its remote access capabilities, post-patch persistence, and mitigation strategies.
APT41 Deploys Stealth Backdoor for Cloud Credential Harvesting
China-linked APT41 is targeting AWS, Azure, and Google Cloud with a new zero-detection backdoor designed to harvest credentials and maintain persistence.

Red Menshen APT Deploys Upgraded BPFdoor Backdoor Against Telcos
Chinese APT Red Menshen utilizes an upgraded BPFdoor backdoor to target global telecommunication companies, bypassing traditional defenses. Active threat hunting is
Fake Next.js Job Interview Tests Backdoor Developers
Microsoft Defender discovered a campaign where malicious Next.js job interview tests backdoor developers' devices, posing a supply chain risk.