DESTAQUES

Ameaças Cibernéticas

1627 notícias
Ameaças Cibernéticas The Hacker News 🇺🇸

Ransomware Groups Turn to Citrix Bleed 2, BYOVD, and Supply Chain Credentials

Threat actors associated with the Anubis ransomware operation have been observed exploiting the Citrix Bleed 2 (CVE-2025-5777) vulnerability to obtain initial access. "Although tactics differ between affiliates, common patterns emerged in tradecraft through use of legitimate Rem…

Ameaças Cibernéticas The Hacker News 🇺🇸

ToddyCat-Linked Umbrij Malware Abuses OAuth to Access Gmail via Google API

The threat actor known as ToddyCat has been attributed to a new malware called Umbrij that's designed to gain surreptitious access to a victim's email correspondence via the Google API. "In this campaign, the attackers focused their attention on corporate email communications ho…

Ameaças Cibernéticas Boletim Sec 🇧🇷

Ransomware usa drivers assinados para burlar proteções no Windows

Cibercriminosos estão usando drivers legítimos do Windows para desativar antivírus e ferramentas de detecção em ataques contra empresas. A técnica é conhecida como BYOVD, sigla em inglês para “traga seu próprio driver vulnerável”. O método se aproveita de drivers reais, assinados…

Ameaças Cibernéticas Boletim Sec 🇧🇷

Falha em biblioteca Rust da Anthropic pode causar negação de serviço

Uma vulnerabilidade zero day na biblioteca Buffa, usada em implementações Rust ligadas a dados em formato protobuf, pode permitir ataques de negação de serviço contra aplicações que processam mensagens não confiáveis. A falha foi identificada como CVE-2026-55407 e também rastread…

Ameaças Cibernéticas The Hacker News 🇺🇸

AI Agent Exploits Langflow RCE to Automate Database Ransomware Attack

Security firm Sysdig says it has found what it believes is the first ransomware attack run from start to finish by an AI agent. Its Threat Research Team calls the operator JADEPUFFER and says a large language model handled the whole job: breaking in, stealing credentials, moving…

Ameaças Cibernéticas The Hacker News 🇺🇸

FortiBleed Credential Theft Linked to INC and Lynx Ransomware Operations

The recently discovered financially-motivated FortiBleed campaign has been attributed to INC and Lynx ransomware operations, indicating that the verified, stolen credentials were intended for follow-on intrusions. "An operator tied to FortiBleed's infrastructure was found active…

Ameaças Cibernéticas The Hacker News 🇺🇸

New ChocoPoC RAT Targets Vulnerability Researchers via Fake PoC Exploit Repos

Attackers are hiding a data-stealing trojan inside fake exploit code aimed at the people who hunt bugs for a living. The malware, called ChocoPoC, travels in Python proof-of-concept (PoC) repositories on GitHub that claim to exploit hot new CVEs. Run one, and it quietly lifts yo…

Ameaças Cibernéticas The Hacker News 🇺🇸

SharePoint RCE CVE-2026-45659 Added to CISA KEV After Active Exploitation

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added a high-severity flaw impacting Microsoft SharePoint Server to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. The vulnerability, tracked as CVE-2026-456…

Link copiado!