Sign in Subscribe

Edward Crowder

Editor in Chief and founder of CyberRisks.ai, previously a threat intelligence researcher at a top global MDR, specializes in global major incident detection and response.

New Backdoor Targeting Taiwan Employs Stealthy Communications

New Backdoor Targeting Taiwan Employs Stealthy Communications

On August 20, 2024, Symantec released a security bulletin revealing a previously unseen backdoor, dubbed "Backdoor.Msupedge," that targets a university in Taiwan.

Xeon Sender: A Repurposed Crimeware Tool Targeting SaaS Credentials for SMS Spam

Xeon Sender: A Repurposed Crimeware Tool Targeting SaaS Credentials for SMS Spam

On August 19, 2024, SentinelOne released a report on the rise and repurposing of Xeon Sender, a Python script initially discovered in 2022, which has since been exploited by various threat actors.

Toyota Confirms Data Breach Through Third-Party Vendor, Customer Information Exposed

Toyota Confirms Data Breach Through Third-Party Vendor, Customer Information Exposed

On August 19, 2024, Toyota confirmed a data breach involving customer and employee data after a threat actor leaked a 240GB archive of stolen files on a hacking forum. The breach did not directly compromise Toyota’s systems.

CISA Adds Jenkins CLI Path Traversal Vulnerability to Known Exploited Vulnerabilities Catalogue

CISA Adds Jenkins CLI Path Traversal Vulnerability to Known Exploited Vulnerabilities Catalogue

On August 19, 2024, the Cybersecurity and Infrastructure Security Agency (CISA) added a new vulnerability, CVE-2024-23897, to its Known Exploited Vulnerabilities (KEV) Catalog.

GreenCharlie Infrastructure Linked to US Political Campaign Targeting

GreenCharlie Infrastructure Linked to US Political Campaign Targeting

On August 20, 2024, Insikt Group released a comprehensive threat analysis report revealing a significant link between the Iran-backed GreenCharlie group and recent cyber espionage activities targeting US political campaigns.

Microsoft macOS Apps Vulnerable to Permission Exploitation Through Library Injection

Microsoft macOS Apps Vulnerable to Permission Exploitation Through Library Injection

On August 19, 2024, Cisco Talos reported eight critical vulnerabilities in Microsoft applications running on macOS. These vulnerabilities allow attackers to exploit application permissions and entitlements by injecting malicious libraries.

Ailurophile Stealer: A New Infostealer Emerges with Customizable Malware Stubs

Ailurophile Stealer: A New Infostealer Emerges with Customizable Malware Stubs

On August 16, 2024, G DATA released a detailed blog post highlighting the emergence of a new info stealer named "Ailurophile Stealer." The malware, developed in PHP, exhibits unique characteristics, particularly its customization options available through a subscription-based web panel.