Articles tagged "Exploit"

Found 571 articles

Actively Exploited

Attackers have taken advantage of a serious vulnerability in SimpleHelp's remote management tool to deliver malware, specifically TaskWeaver and Djinn Stealer. This exploit allows the malware to infiltrate systems that utilize SimpleHelp, which is commonly used for remote support and management. The incident poses a significant risk to organizations relying on this software, as it could lead to unauthorized access and data theft. Users and companies are urged to assess their systems and apply any necessary patches or updates to mitigate the threat. The exploitation of this vulnerability highlights the ongoing risks associated with remote management tools in the current cybersecurity environment.

Read Original
Actively Exploited

Nissan Americas has been impacted by a significant data breach linked to a zero-day vulnerability in Oracle’s PeopleSoft software, identified as CVE-2026-35273. This vulnerability has led to a series of attacks, with researchers connecting it to a group known as UNC6240, which is believed to be exploiting the weakness. The breach raises serious concerns about the security of sensitive employee information and operational data within Nissan Americas and potentially other organizations using the same software. As attackers continue to exploit this vulnerability, affected companies must act quickly to secure their systems and protect their data from further unauthorized access.

Read Original

Cyber threat intelligence provider WhoisXML API has reported a surge in newly registered domains related to the recent earthquake in Venezuela, with 212 domains registered between June 24 and June 28, 2026. This spike raises concerns about potential online scams or phishing attempts, as attackers often take advantage of natural disasters to exploit unsuspecting users. Individuals looking for information or assistance after the earthquake may inadvertently visit these malicious sites. It's crucial for users to be cautious and verify the legitimacy of websites before providing any personal information or clicking on links. This incident underscores the need for heightened awareness during crises, as cybercriminals are quick to capitalize on public interest and vulnerability.

Read Original
Attackers Exploit SimpleHelp CVE-2026-48558 to Deploy TaskWeaver and Djinn Stealer

The Hacker News

Actively Exploited

A new security vulnerability, CVE-2026-48558, has been identified in SimpleHelp, a remote support software. This critical flaw, which has a maximum severity score of 10.0, allows attackers to bypass authentication during the OpenID Connect (OIDC) flow. As a result, these attackers have been exploiting this weakness to deploy two malware families: TaskWeaver and Djinn Stealer. The situation poses significant risks for users of SimpleHelp, as the malware could lead to data theft and further system compromises. Organizations using this software should take immediate action to secure their systems against this ongoing threat.

Read Original

In May, a series of phishing emails targeted hotels in Japan that partner with Booking.com. These emails tricked recipients into downloading malware hosted on a blockchain platform. The attackers aimed to exploit the trust that hotels place in Booking.com communications, leading to potential breaches of sensitive data. This incident raises concerns about the security of online booking systems and the need for increased vigilance among hotels and similar businesses. As phishing tactics evolve, it’s crucial for companies to educate their staff about recognizing fraudulent communications to prevent such attacks.

Read Original

Researchers have identified six security vulnerabilities in AirDrop and Quick Share, features that allow users to share files wirelessly. An attacker within close proximity can exploit these flaws to crash the file-sharing services on devices like Macs and iPhones that are set to receive from anyone, without needing any prior connection or user interaction. This means that anyone nearby could potentially disrupt these services simply by having a laptop. The same vulnerabilities also affect Samsung's Quick Share feature. This is concerning because it could lead to service interruptions for users and potentially allow attackers to conduct further malicious activities while users are distracted by the crashes. Users should be cautious about their AirDrop and Quick Share settings, especially in public spaces.

Read Original

A serious vulnerability, identified as CVE-2026-46817, has been discovered in Oracle E-Business Suite, allowing remote attackers to gain unauthorized access to Oracle Payments. This flaw has a high severity rating of 9.8 on the CVSS scale and is currently being exploited in real-world attacks, according to cybersecurity firm Defused Cyber. Organizations using Oracle E-Business Suite need to be particularly vigilant, as this vulnerability can lead to significant financial and operational risks. The situation is critical, and immediate action is necessary to protect sensitive payment information and other related data from unauthorized access. Users and administrators should prioritize addressing this vulnerability to mitigate potential breaches.

Read Original

ESET has reported that the Gamaredon group, a known cyber threat actor, has ramped up its activities with 35 distinct spear-phishing campaigns targeting Ukrainian governmental and military institutions in 2025, particularly in the latter half of the year. These campaigns are part of ongoing efforts to exploit vulnerabilities in these sectors amid the ongoing conflict in Ukraine. The attacks primarily use deceptive emails to trick recipients into revealing sensitive information or downloading malicious software. This increase in activity poses significant risks to national security and the integrity of critical infrastructure in Ukraine, highlighting the persistent threat posed by cyber warfare in the region. As these attacks continue, it is crucial for organizations to enhance their cybersecurity measures and remain vigilant against phishing attempts.

Read Original
212 New Venezuela Earthquake Domains Prompt Donation Scam Warnings

Hackread – Cybersecurity News, Data Breaches, AI and More

Following the recent earthquake in Venezuela, researchers identified 212 newly registered domains that could be linked to donation scams. These domains are likely set up to take advantage of people's goodwill in the aftermath of the disaster. Experts are warning potential donors to be cautious and to verify the legitimacy of any relief sites before contributing. This situation underscores the need for vigilance when it comes to online donations, especially during crises when scammers often exploit public sympathy. Ensuring that donations go to reputable organizations can help prevent fraud and ensure that aid reaches those in need.

Read Original

A recent phishing campaign is targeting hotels in Europe and Asia by using deceptive emails that reference common operational issues, such as guest complaints and health inspections. The attackers employ a Node.js implant to execute their malicious activities. Microsoft has not linked this campaign to any known threat actor, making it difficult to predict future attacks. The phishing email lures are designed to exploit hotel staff's urgency to resolve these issues, potentially leading to compromised systems and data breaches. This incident serves as a reminder for hospitality businesses to remain vigilant against phishing attempts that exploit everyday concerns.

Read Original

This week, a new vulnerability named DirtyClone was discovered in the Linux kernel, allowing local attackers to escalate privileges. This flaw emphasizes how even minor oversights, such as unpatched vulnerabilities or outdated access paths, can lead to significant security breaches. The threat is particularly concerning for users of affected Linux distributions, as attackers could potentially exploit this vulnerability to gain unauthorized access to sensitive systems. Additionally, discussions are underway in various forums about other emerging threats, including AI-driven malware tactics and the Turla backdoor, which could further complicate the security landscape. Organizations are urged to stay vigilant and apply necessary updates to protect against these risks.

Read Original
Actively Exploited

Hackers are actively exploiting a serious vulnerability, identified as CVE-2026-46817, in the Oracle E-Business Suite (EBS) financial application. This flaw poses a significant risk to businesses using the software, as it allows unauthorized access to sensitive financial data. Threat intelligence firm Defused reported that the attacks are already underway, making it crucial for organizations to take immediate action to protect their systems. Users of Oracle EBS should prioritize updating their software and implementing any available security patches to mitigate the risk of exploitation. The urgency of this situation highlights the ongoing need for vigilance in cybersecurity practices, especially for widely used enterprise applications.

Read Original
Actively Exploited

The FBI and the Cybersecurity and Infrastructure Security Agency (CISA) have issued a warning about a phishing campaign linked to Russian hackers that targets users of the messaging app Signal. This campaign has evolved to specifically steal Signal Backup Recovery Keys, which can grant attackers access to a user's past messages. This poses a significant risk for Signal users, as it could expose sensitive communications and personal information. The attackers are likely aiming to exploit this access for espionage or other malicious activities. Users are urged to be vigilant about suspicious messages and to take steps to secure their accounts against potential phishing attempts.

Read Original

Researchers from Palo Alto Networks Unit 42 have reported that a Chinese-speaking advanced persistent threat group, tracked as CL-STA-1062, has been targeting government and energy networks in Southeast Asia. This group has been active since at least March 2022 and has recently intensified its operations in the region, employing custom malware known as TinyRCT to exploit vulnerabilities in critical infrastructure. The focus on Southeast Asia raises concerns about the security of essential services and the potential for significant disruptions. As these attacks target vital sectors, governments and organizations in the region need to bolster their cybersecurity defenses to mitigate risks posed by such sophisticated threats.

Read Original

A newly discovered vulnerability in the Linux kernel, identified as CVE-2026-46331 and dubbed 'pedit COW', poses a significant risk by allowing unprivileged local users to gain root access on affected systems. This flaw resides in the traffic-control subsystem, specifically in the packet-editing action (act_pedit), which can lead to an out-of-bounds write that corrupts shared page-cache memory. The public release of a working exploit occurred just a day after the vulnerability was disclosed on June 16, raising concerns about its potential for exploitation. Red Hat has classified this flaw as important, emphasizing the urgency for users to assess their systems and apply necessary security measures. Given the rapid emergence of exploits, organizations using Linux systems should prioritize patching and monitoring for unusual activity to mitigate the risk of unauthorized access.

Read Original
PreviousPage 5 of 39Next