Malware & Threats CISA Warns of Second BeyondTrust Vulnerability Exploited in Attacks Attackers have been exploiting a second vulnerability in BeyondTrust’s remote management solutions, CISA warns. Ionut ArghireJanuary 14, 2025
Data Breaches Infostealer Infections Lead to Telefonica Ticketing System Breach Infostealer malware allowed threat actors to compromise Telefonica employees’ credentials and access the company’s internal ticketing system. Ionut ArghireJanuary 14, 2025
Malware & Threats Infostealer Masquerades as PoC Code Targeting Recent LDAP Vulnerability A fake proof-of-concept (PoC) exploit for a recent LDAP vulnerability distributes information stealer malware. Ionut ArghireJanuary 13, 2025
Malware & Threats Banshee macOS Malware Expands Targeting The latest version of the Banshee macOS information stealer no longer checks if the infected systems have the Russian language installed. Ionut ArghireJanuary 10, 2025
Malware & Threats Exploitation of New Ivanti VPN Zero-Day Linked to Chinese Cyberspies Google Cloud’s Mandiant has linked the exploitation of CVE-2025-0282, a new Ivanti VPN zero-day, to Chinese cyberspies. Eduard KovacsJanuary 9, 2025
Malware & Threats Ivanti Warns of New Zero-Day Attacks Hitting Connect Secure Product Ivanti confirms zero-day exploitation of a remotely exploitable code execution flaw in its Connect Security product line. Ryan NaraineJanuary 8, 2025