News

Cyber Security News
cyberpress.org > steganographic-webshell-mimikatz-execution

Threat Actor Uses Steganographic Webshell and Defence Impairment Before Mimikatz Execution

8+ hour, 5+ min ago  (349+ words) In a recent incident beginning on June 7, attackers deployed a steganographic webshell after a likely Adobe ColdFusion exploit. Before eventually deploying Mimikatz for credential dumping, the attackers executed an extensive array of evasion commands to blind security teams and…...

Cyber Security News
cyberpress.org > dropbox-tunnels-deliver-asyncrat

Hackers Use Dropbox URLs and TryCloudflare Tunnels to Deliver AsyncRAT Malware

4+ hour, 37+ min ago  (381+ words) A sophisticated AsyncRAT malware campaign exploiting legitimate services to bypass detection. Threat actors are using Dropbox URLs and TryCloudflare Quick Tunnels to deliver malicious Python packages to unsuspecting victims. This campaign highlights a growing trend of attackers weaponizing…...

Cyber Security News
cyberpress.org > opera-paste-protect-blocks-clipboard-attacks

Opera Paste Protect Blocks Clipboard Attacks and ClickFix Code Injection

4+ hour, 33+ min ago  (303+ words) Opera has introduced Paste Protect, becoming the first major browser to ship a native, built-in defense against clipboard-based attacks. The security feature is designed to block both clipboard hijacking and the rapidly growing ClickFix code injection technique. The feature…...

Cyber Security News
cyberpress.org > seo-poisoning-spreads-screenconnect

ScreenConnect Malware Campaign Uses SEO Poisoning to Target Freeware Downloads

6+ hour, 58+ min ago  (358+ words) The threat actors employ sophisticated search engine optimization (SEO) poisoning to push malicious websites to the top of Google and Bing search results, tricking users into downloading what appears to be legitimate freeware. This highly coordinated attack ultimately deploys the…...

Cyber Security News
cyberpress.org > apple-privacy-feature-fails-hide-real-email

Apple Privacy Feature Fails to Hide Real Email Addresses Due to Unpatched Flaw

9+ hour, 30+ min ago  (417+ words) A long-standing vulnerability in Apple's "Hide My Email" feature allows almost anyone to uncover the real email address behind a supposedly anonymous alias, and Apple has failed to fix the issue for more than a year despite being warned. The…...

Cyber Security News
cyberpress.org > jadepuffer-breaches-production-database

JADEPUFFER Uses MinIO Default Credentials and Nacos Takeover to Breach Production Database

10+ hour, 26+ min ago  (342+ words) Ransomware operations have historically relied on human operators, but a new era of automated threats has arrived. Security researchers have identified JADEPUFFER, an Agentic Threat Actor (ATA) that executed the first documented end-to-end extortion campaign driven entirely by a Large…...

Cyber Security News
cyberpress.org > stealth-webshell-mimikatz-attack

Threat Actor Uses Steganographic Webshell and Mimikatz After Disabling Endpoint Defenses

10+ hour, 54+ min ago  (324+ words) A recent incident response investigation has exposed a sophisticated attack chain in which threat actors used steganographic webshells and extensive defense-evasion techniques to compromise a web server. The attack underscores the critical importance of comprehensive remediation, as the attackers repeatedly…...

Cyber Security News
cyberpress.org > lshiy-password-spray-campaign

LSHIY Password Spray Campaign Targets Microsoft 365 Accounts With 81 Million Login Attempts

10+ hour, 34+ min ago  (559+ words) A massive automated password-spray campaign against Microsoft's Azure command-line interface has racked up more than 81 million login attempts in just two weeks. Huntress researchers traced the attack to an IPv6 range controlled by internet infrastructure provider LSHIY LLC (AS32167). Between June 12 and…...

Cyber Security News
cyberpress.org > cursor-ide-critical-rce-flaws

Cursor IDE Critical RCE Flaws Let Attackers Overwrite System Files via Prompt Injection

11+ hour, 19+ min ago  (467+ words) Two critical remote code execution flaws in Cursor IDE let attackers exploit prompt injection to escape the editor's sandbox and take over developer machines. Cato AI Labs has disclosed these vulnerabilities, collectively named "Dune Slide," affecting the AI-powered code editor…...

Cyber Security News
cyberpress.org > ai-built-browser-ransomware-workflows

DeepSeek-Generated Malware Shows How AI Can Build Browser-Native Ransomware Workflows

11+ hour, 56+ min ago  (421+ words) Large language models have drastically changed software development, and cybercriminals are quickly adopting these tools to build malicious payloads. While vendors like OpenAI and Anthropic have implemented strict cyber-safety guardrails to block harmful requests, other models present a different…...
