Jul 07, 2025Ravie LakshmananCybersecurity / Hacking Everything feels secure—until one small thing slips through. Even strong systems can break if a simple check is missed or a trusted tool is …
wikdaily 2025. Designed and Developed by Pro
Tag:
Exploits
- Security
NightEagle APT Exploits Microsoft Exchange Flaw to Target China’s Military and Tech Sectors
by Wikdailyby WikdailyJul 04, 2025Ravie LakshmananZero-Day / Cyber Espionage Cybersecurity researchers have shed light on a previously undocumented threat actor called NightEagle (aka APT-Q-95) that has been observed targeting Microsoft Exchange servers …
ESET experts discuss Sandworm’s new data wiper, relentless campaigns by UnsolicitedBooker, attribution challenges amid tool-sharing, and other key findings from the latest APT Activity Report 01 Jul 2025 • , …
- Security
Critical Vulnerability in Anthropic’s MCP Exposes Developer Machines to Remote Exploits
by Wikdailyby WikdailyCybersecurity researchers have discovered a critical security vulnerability in artificial intelligence (AI) company Anthropic’s Model Context Protocol (MCP) Inspector project that could result in remote code execution (RCE) and allow …
- Security
SonicWall NetExtender Trojan and ConnectWise Exploits Used in Remote Access Attacks
by Wikdailyby WikdailyJun 25, 2025Ravie LakshmananVPN Security / Malware Unknown threat actors have been distributing a trojanized version of SonicWall’s SSL VPN NetExtender application to steal credentials from unsuspecting users who may …
- Security
China-linked Salt Typhoon Exploits Critical Cisco Vulnerability to Target Canadian Telecom
by Wikdailyby WikdailyJun 24, 2025Ravie LakshmananCyber Espionage / Chinese Hackers The Canadian Centre for Cyber Security and the U.S. Federal Bureau of Investigation (FBI) have issued an advisory warning of cyber attacks …
- Security
XDigo Malware Exploits Windows LNK Flaw in Eastern European Government Attacks
by Wikdailyby WikdailyJun 23, 2025Ravie LakshmananCyber Espionage / Vulnerability Cybersecurity researchers have uncovered a Go-based malware called XDigo that has been used in attacks targeting Eastern European governmental entities in March 2025. …
- Security
Russian APT29 Exploits Gmail App Passwords to Bypass 2FA in Targeted Phishing Campaign
by Wikdailyby WikdailyJun 19, 2025Ravie LakshmananEmail Security / Identity Protection Threat actors with suspected ties to Russia have been observed taking advantage of a Google account feature called application specific passwords (or …
“More_eggs is a modular JavaScript backdoor offered as malware-as-a-service that allows for command execution, credential theft, and follow-on payload delivery, often operating in memory to evade detection,” researchers explained. The …
- Security
New Atomic macOS Stealer Campaign Exploits ClickFix to Target Apple Users
by Wikdailyby WikdailyCybersecurity researchers are alerting to a new malware campaign that employs the ClickFix social engineering tactic to trick users into downloading an information stealer malware known as Atomic macOS Stealer …
Newer Posts