2025 Blockchain and Cryptocurrency Threat Report: Malware in the Open Source Supply Chain

Malicious open source packages targeting blockchain developers are increasingly used to steal cryptowallet credentials, drain funds, mine cryptocurrency, and hijack clipboard data. Threat actors, including nation-state groups, exploit supply chain vulnerabilities in registries like npm and PyPI, impacting ecosystems such as Ethereum, Solana, TRON, and TON. #ContagiousInterview #BeaverTail #InvisibleFerret #XMRig #ClipboardHijackers

Palo Alto Networks Patches Privilege Escalation Vulnerabilities

Palo Alto Networks has released seven security advisories addressing multiple vulnerabilities in its products, including critical flaws in GlobalProtect and PAN-OS, as well as recent Chrome fixes. These vulnerabilities could allow attackers with network or administrative access to escalate privileges, inject code, or intercept unencrypted data, though no exploitation has been…

Code Execution Flaws Haunt Adobe Acrobat Reader, Adobe Commerce

Adobe has issued critical security updates for several products, including Acrobat Reader, Commerce, InCopy, and Experience Manager, addressing multiple vulnerabilities. While no active exploits are known, these flaws pose significant risks like remote code execution and privilege escalation. #AdobeAcrobatReader #AdobeCommerce #InCopy #ExperienceManager…

FIN6 hackers pose as job seekers to backdoor recruiters’ devices

FIN6 has shifted from traditional financial fraud to employing sophisticated social engineering tactics, impersonating job seekers to target recruiters and deploy malware. They use convincing resumes, fake domains, and advanced evasion techniques to deliver the ‘More Eggs’ backdoor, emphasizing the importance of cautious verification processes. #FIN6 #MoreEggs

Eggs in a Cloudy Basket: Skeleton Spider’s Trusted Cloud Malware Delivery

FIN6, also known as Skeleton Spider, employs sophisticated social engineering tactics leveraging professional job platforms to distribute the Moreeggs backdoor via cloud-hosted malicious infrastructure. Their campaigns utilize fake resumes, CAPTCHA protections, and environmental filtering to evade detection and deliver ransomware and credential theft malware. #FIN6 #Moreeggs #Skeleton_Spider

⚡ Weekly Recap: Chrome 0-Day, Data Wipers, Misused Tools and Zero-Click iPhone Attacks

This cybersecurity update highlights recent critical vulnerabilities, advanced malware campaigns, and nation-state hacking activities, emphasizing the importance of proactive defense. Key incidents include Google Chrome fixing an exploited 0-day, PathWiper targeting Ukraine, and sophisticated zero-click attacks on iPhones. #ChromeZeroDay #PathWiper #SaltTyphoon…

iMessage Zero-Click Attacks Suspected in Targeting of High-Value Individuals

Anomalous iPhone crashes linked to sophisticated zero-click exploits targeting a vulnerability called Nickname have been observed mainly among high-value individuals in the EU and US. These targeted attacks, associated with Chinese state-sponsored hackers, exploit iMessage vulnerabilities to potentially compromise devices without user interaction. #NicknameVulnerability #ChineseHackers…

Threat Research | Weekly Recap [08 June 2025]

This week’s cybersecurity recap highlights ongoing threats from phishing and social engineering campaigns targeting various sectors, including finance and government, with sophisticated tactics like fake CAPTCHA frameworks and Phishing-as-a-Service platforms. Malware developments include stealthy RATs such as DuplexSpy and Chaos RAT, along with advanced infostealers like OtterCookie, all posing significant risks to corporate and crypto assets; supply chain threats involve malicious repositories and compromised developer tools. The report also covers notable APT activities by groups like UNC5174, OilRig, and Kimsuky, alongside infrastructure attacks exploiting IoT and cloud misconfigurations. Emerging tools like RayV Lite facilitate hardware-level attacks, illustrating the evolving landscape of cyber threats. #ClickFix #FlowerStorm #LazarusGroup #ChaosRAT #Mirai #RayVLite

Cybersecurity News | Daily Recap [07 Jun 2025]

Multiple critical vulnerabilities have been identified across various platforms, including HPE Insight Remote Support, FreeRTOS-Plus-TCP, AWS Amplify Studio, and Apache Tomcat, prompting calls for immediate patching to prevent exploits leading to system crashes and denial of service. Additionally, recent ransomware campaigns targeted organizations like Optima Tax Relief and Kettering Health, while nation-state actors have engaged in espionage and infrastructure attacks, notably in Ukraine and Armenia. #HPE RCE Flaw #FreeRTOS Flaw #AWS Amplify RCE #Tomcat DoS #Optima Tax Chaos #Kettering Interlock #Bitter APT #UNC5792 #Atomic macOS Stealer #PathWiper Malware

New Atomic macOS Stealer Campaign Exploits ClickFix to Target Apple Users

Cybersecurity researchers warn about a new ClickFix malware campaign targeting macOS users with social engineering tactics to install Atomic macOS Stealer (AMOS). The attack involves fake Spectrum impersonation sites and malicious shell scripts that deceive users into revealing passwords, leading to data theft and lateral movement. #ClickFix #AtomicStealer…

Destructive npm Packages Disguised as Utilities Enable Remote System Wipe

Two malicious npm packages, express-api-sync and system-health-sync-api, contain backdoors designed to wipe out entire production environments when triggered. These packages use hidden endpoints, cross-platform destruction commands, and covert email communication channels to gather intelligence and execute system destruction. #express-api-sync #system-health-sync-api #botsailer #npm

Infostealers Crash Course: A Tradecraft Tuesday Recap

Infostealers have become a significant cyber threat, accounting for almost a quarter of all incidents detected by Huntress in 2024, by harvesting sensitive credentials and data that fuel ransomware, extortion, and identity theft attacks. The evolution of infostealers, their targeting of diverse information including corporate credentials and cloud keys, and the law enforcement takedowns of related marketplaces highlight both the risks and ongoing efforts to combat these threats. #Infostealers #LummaStealer #RedLine #BansheeStealer
