Threat Research | Weekly Recap [08 June 2025]

This week’s cybersecurity recap highlights ongoing threats from phishing and social engineering campaigns targeting various sectors, including finance and government, with sophisticated tactics like fake CAPTCHA frameworks and Phishing-as-a-Service platforms. Malware developments include stealthy RATs such as DuplexSpy and Chaos RAT, along with advanced infostealers like OtterCookie, all posing significant risks to corporate and crypto assets. Supply chain threats involve malicious repositories and compromised developer tools. The report also covers notable APT activities by groups like UNC5174, OilRig, and Kimsuky, alongside infrastructure attacks exploiting IoT and cloud misconfigurations. Emerging tools like RayV Lite facilitate hardware-level attacks, illustrating the evolving landscape of cyber threats. #ClickFix #FlowerStorm #LazarusGroup #ChaosRAT #Mirai #RayVLite

In Other News: FBI Warns of BadBox 2, NSO Disputes WhatsApp Fine, 1,000 Leave CISA

This week’s cybersecurity updates highlight ongoing threats, including the BadBox 2 botnet targeting IoT devices and fraud associated with Hedera Hashgraph NFTs. Major organizations like the FBI, NSO Group, and Microsoft announced actions and initiatives to combat cyber threats and improve security resilience. #BadBox2 #NSOGroup #HederaHashgraph #CISA #MicrosoftEuropeanSecurity…

CISA Adds Actively Exploited Flaws in ASUS RT-AX55, Craft CMS, and ConnectWise ScreenConnect to KEV Catalog

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added several critical vulnerabilities affecting ASUS RT-AX55 routers, Craft CMS, and ConnectWise ScreenConnect to its Known Exploited Vulnerabilities catalog. These flaws have been exploited by threat actors, leading to remote code execution and persistent backdoors, emphasizing the need for immediate patching. #ASUSRT-AX55 #CraftCMS…

CISA warns of ConnectWise ScreenConnect bug exploited in attacks

CISA alerts U.S. federal agencies about hackers exploiting a recently patched ScreenConnect vulnerability for remote code execution and highlights active attacks on ASUS routers and Craft CMS. The threats include multiple security flaws, with some involving state-sponsored cyber activities targeted at specific devices and content management systems. #ScreenConnect #ASUSRouterVulnerabilities #CraftCMS

Cryptojacking Campaign Exploits DevOps APIs Using Off-the-Shelf Tools from GitHub

Cybersecurity researchers have uncovered a cryptojacking campaign exploiting misconfigured DevOps servers like Docker, Gitea, and HashiCorp Consul and Nomad to mine cryptocurrencies illicitly. The campaign uses known vulnerabilities and misconfigurations, with threat actors downloading tools from GitHub to hinder attribution efforts. #JINX-0132 #Cryptojacking…

Edge, Safari, CISO Pay and Loathing, Fake AI, ASUS, OneDrive, Manus, Aaran Leyland… – SWN #481

The episode covers recent cybersecurity threats, including vulnerabilities in Edge, Safari, ASUS routers, and cloud services like OneDrive, highlighting new attack techniques and concerns about AI-generated content. It also discusses geopolitical cyber warfare, CISO compensation satisfaction, and advancements in AI video generation, illustrating both opportunities and risks. #ThreatLocker #UNC6032

Cybersecurity News | Daily Recap [06 Jun 2025]

Recent cybersecurity reports highlight targeted attacks on retail giants like Victoria’s Secret using ransomware, along with widespread data breaches affecting millions including LexisNexis. Notable threats include Chinese APT groups APT41 and APT31 exploiting cloud and zero-day vulnerabilities, along with botnets like AyySSHush and PumaBot compromising IoT devices. #Victoria’sSecret #APT41 #AyySSHush
