Author Archives: Ravie Lakshmanan

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a recently disclosed security flaw in Zoho ManageEngine to its Known Exploited Vulnerabilities (KEV) Catalog, citing evidence of active exploitation.
“Zoho ManageEngine… Continue reading CISA Warns of Hackers Exploiting Recent Zoho ManageEngine Vulnerability→

A hack-for-hire group that was first exposed in 2019 has expanded its focus to set its sights on entities with business or political ties to Russia.
Dubbed Void Balaur, the cyber mercenary collective has a history of launching cyberattacks against bio… Continue reading Void Balaur Hackers-for-Hire Targeting Russian Businesses and Politics Entities→

An SMS-based phishing campaign is targeting customers of Indian banks with information-stealing malware that masquerades as a rewards application.
The Microsoft 365 Defender Research Team said that the messages contain links that redirect users to a s… Continue reading Fake Indian Banking Rewards Apps Targeting Android Users with Info-stealing Malware→

Microsoft on Thursday warned of a consumer-facing attack that made use of rogue OAuth applications on compromised cloud tenants to ultimately seize control of Exchange servers and spread spam.
“The threat actor launched credential stuffing attacks aga… Continue reading Hackers Using Malicious OAuth Apps to Take Over Email Servers→

A new wave of a mobile surveillance campaign has been observed targeting the Uyghur community as part of a long-standing spyware operation active since at least 2015, cybersecurity researchers disclosed Thursday.
The intrusions, originally attributed … Continue reading Researchers Uncover Years-Long Mobile Spyware Campaign Targeting Uyghurs→

A malicious NPM package has been found masquerading as the legitimate software library for Material Tailwind, once again indicating attempts on the part of threat actors to distribute malicious code in open source software repositories.
Material Tailw… Continue reading Malicious NPM Package Caught Mimicking Material Tailwind CSS Package→

Researchers have disclosed a new severe Oracle Cloud Infrastructure (OCI) vulnerability that could be exploited by users to access the virtual disks of other Oracle customers.
“Each virtual disk in Oracle’s cloud has a unique identifier called OCID,” … Continue reading Researchers Disclose Critical Vulnerability in Oracle Cloud Infrastructure→

As many as 350,000 open source projects are believed to be potentially vulnerable to exploitation as a result of a security flaw in a Python module that has remained unpatched for 15 years.
The open source repositories span a number of industry vertic… Continue reading 15-Year-Old Unpatched Python Vulnerability Potentially Affects Over 350,000 Projects→

A now-patched critical security flaw affecting Atlassian Confluence Server that came to light a few months ago is being actively exploited for illicit cryptocurrency mining on unpatched installations.
“If left unremedied and successfully exploited, th… Continue reading Hackers Targeting Unpatched Atlassian Confluence Servers to Deploy Crypto Miners→

An unknown attacker targeted tens of thousands of unauthenticated Redis servers exposed on the internet in an attempt to install a cryptocurrency miner.
It’s not immediately known if all of these hosts were successfully compromised. Nonetheless, it wa… Continue reading Over 39,000 Unauthenticated Redis Instances Found Exposed on the Internet→