Cybercrime gang exploited VeraCore zero-day vulnerabilities for years (CVE-2025-25181, CVE-2024-57968)

XE Group, a cybercriminal outfit that has been active for over a decade, has been quietly exploiting zero-day vulnerabilities (CVE-2025-25181, CVE-2024-57968) in VeraCore software, a popular solution for warehouse management and order fulfillment. Acco… Continue reading Cybercrime gang exploited VeraCore zero-day vulnerabilities for years (CVE-2025-25181, CVE-2024-57968)

XE Group Cybercrime Gang Moves from Credit Card Skimming to Zero-Day Exploits

Vietnamese cybercrime gang shifts from credit card-skimming to exploiting at least two zero-day vulnerabilities enterprise software product.
The post XE Group Cybercrime Gang Moves from Credit Card Skimming to Zero-Day Exploits appeared first on Securi… Continue reading XE Group Cybercrime Gang Moves from Credit Card Skimming to Zero-Day Exploits

From credit card fraud to zero-day exploits: Xe Group expanding cybercriminal efforts

The Vietnam-based group has grown more sophisticated since 2013, new research shows.

The post From credit card fraud to zero-day exploits: Xe Group expanding cybercriminal efforts appeared first on CyberScoop.

Continue reading From credit card fraud to zero-day exploits: Xe Group expanding cybercriminal efforts

Breaking down the numbers: Q3 2024 cybersecurity funding activity recap

We present a list of selected cybersecurity companies that received funding during the third quarter of 2024 (Q3 2024). Apono October | 15.5 million Apono has raised $15.5 million in a Series A funding led by New Era Capital Partners, with partici… Continue reading Breaking down the numbers: Q3 2024 cybersecurity funding activity recap

Intezer raises $33 million to further develop its AI-based security operations solution

Intezer announced that it has raised $33 million in Series C funding, bringing its total capital raised to $60 million. The funding round was led by Norwest Venture Partners, with participation from all existing investors, including Intel Capital, Open… Continue reading Intezer raises $33 million to further develop its AI-based security operations solution

Shadowy hacking group targeting Israel shows outsized capabilities

A sophisticated campaign that has targeted Israel for at least 8 years shows evidence of improving its capabilities.

The post Shadowy hacking group targeting Israel shows outsized capabilities appeared first on CyberScoop.

Continue reading Shadowy hacking group targeting Israel shows outsized capabilities

Researchers unearth highly evasive “parasitic” Linux malware

Security researchers at Intezer and BlackBerry have documented Symbiote, a wholly unique, multi-purpose piece of Linux malware that is nearly impossible to detect. “What makes Symbiote different from other Linux malware that we usually come acros… Continue reading Researchers unearth highly evasive “parasitic” Linux malware

IceID trojan delivered via hijacked email threads, compromised MS Exchange servers

A threat actor is exploiting vulnerable on-prem Microsoft Exchange servers and using hijacked email threads to deliver the IceID (BokBot) trojan without triggering email security solutions. “The payload has also moved away from using office docum… Continue reading IceID trojan delivered via hijacked email threads, compromised MS Exchange servers

A new multi-platform backdoor is leveraged by an advanced threat actor

A novel multi-platform backdoor dubbed SysJoker has been successfully evading security solutions since mid-2011. “In the Linux and macOS versions, it masquerades as a system update. In the Windows version, it masquerades as Intel drivers. The upd… Continue reading A new multi-platform backdoor is leveraged by an advanced threat actor