DESTAQUES

Ameaças Cibernéticas

1221 notícias
Ameaças Cibernéticas The Hacker News 🇺🇸

DAEMON Tools Supply Chain Attack Compromises Official Installers with Malware

A newly identified supply chain attack targeting DAEMON Tools software has compromised its installers to serve a malicious payload, according to findings from Kaspersky. "These installers are distributed from the legitimate website of DAEMON Tools and are signed with digital cert…

Ameaças Cibernéticas HIPAA Clicks 🇺🇸

Urgent Action Required by MOVEit Automation Users

Progress Software has issued a warning to customers about a critical authentication bypass vulnerability within the MOVEit Automation application. MOVEit […] The post Urgent Action Required by MOVEit Automation Users appeared first on The HIPAA Journal.

Ameaças Cibernéticas Dark Reading 🇺🇸

How the Story of a USB Penetration Test Went Viral

Two decades ago Dark Reading posted its first blockbuster — a story from a pen tester who sprinkled rigged thumb drives around a credit union parking lot and let curious employees do the rest. This episode looks back at the history-making column with its author Steve Stasiukonis,…

Ameaças Cibernéticas The Hacker News 🇺🇸

MetInfo CMS CVE-2026-29014 Exploited for Remote Code Execution Attacks

Threat actors are actively exploiting a critical security flaw impacting an open-source content management system (CMS) known as MetInfo, according to new findings from VulnCheck. The vulnerability in question is CVE-2026-29014 (CVSS score: 9.8), a code injection flaw that could …

Ameaças Cibernéticas Bleeping Computer 🇺🇸

CloudZ malware abuses Microsoft Phone Link to steal SMS and OTPs

A new version of the CloudZ remote access tool (RAT) is deploying a previously unseen malicious plugin called Pheno that hijacks the Microsoft Phone Link connection to steal sensitive codes from mobile devices. [...]

Ameaças Cibernéticas The Hacker News 🇺🇸

Weaver E-cology RCE Flaw CVE-2026-22679 Actively Exploited via Debug API

A critical security vulnerability in Weaver (Fanwei) E-cology, an enterprise office automation (OA) and collaboration platform, has come under active exploitation in the wild. The vulnerability (CVE-2026-22679, CVSS score: 9.8) relates to a case of unauthenticated remote code exe…

Ameaças Cibernéticas The Hacker News 🇺🇸

Microsoft Details Phishing Campaign Targeting 35,000 Users Across 26 Countries

Microsoft has disclosed details of a large-scale credential theft campaign that has leveraged a combination of code of conduct-themed lures and legitimate email services to direct users to attacker-controlled domains and steal authentication tokens. The multi-stage campaign, obse…

Ameaças Cibernéticas Dark Reading 🇺🇸

RMM Tools Fuel Stealthy Phishing Campaign

Attackers are abusing two remote monitoring and management (RMM) tools to evade detection in a campaign that has impacted over 80 organizations so far.

Ameaças Cibernéticas The Hacker News 🇺🇸

Phishing Campaign Hits 80+ Orgs Using SimpleHelp and ScreenConnect RMM Tools

An active phishing campaign has been observed targeting multiple vectors since at least April 2025, with legitimate Remote Monitoring and Management (RMM) software as a way to establish persistent remote access to compromised hosts. The activity, codenamed VENOMOUS#HELPER, has im…

Link copiado!