Sign in Subscribe

Exploited in the wild

ESET Uncovers Two Critical Code Execution Vulnerabilities in WPS Office, Exploited by APT-C-60

ESET Uncovers Two Critical Code Execution Vulnerabilities in WPS Office, Exploited by APT-C-60

South Korea-aligned cyber espionage group APT-C-60 has exploited these vulnerabilities to target individuals in East Asian countries. ESET's research has uncovered the technical nuances of these exploits

Microsoft Sway Abused to Deliver Quishing Attacks

Microsoft Sway Abused to Deliver Quishing Attacks

On August 27, 2024, Netskope Threat Labs reported a surge in traffic to phishing pages hosted on Microsoft Sway, a free web-based application within the Microsoft 365 suite. These phishing campaigns predominantly employed "Quishing," a technique using QR codes

The Versa Director Zero-Day Exploitation

The Versa Director Zero-Day Exploitation

On August 27, 2024, Black Lotus Labs revealed the active exploitation of a zero-day vulnerability in Versa Director servers. Identified as CVE-2024-39717, this vulnerability impacts all Versa Director versions before 22.1.4. CISA added CVE-2024-39717 to the KEV.

CISA Adds One Known Exploited Vulnerability to Catalogue

CISA Adds One Known Exploited Vulnerability to Catalogue

On August 26, 2024, the Cybersecurity and Infrastructure Security Agency (CISA) announced the addition of a newly identified vulnerability to its Known Exploited Vulnerabilities Catalog.

CISA Adds Versa Networks Director Vulnerability to Known Exploited Vulnerabilities Catalogue

CISA Adds Versa Networks Director Vulnerability to Known Exploited Vulnerabilities Catalogue

CISA announced the addition of a newly identified vulnerability in Versa Networks Director to its Known Exploited Vulnerabilities Catalogue. This vulnerability, designated CVE-2024-39717, is now recognized as a significant threat due to active exploitation in the wild.

ESET Uncovers NGate Android Malware Relaying NFC Traffic to Facilitate Unauthorized ATM Withdrawals

ESET Uncovers NGate Android Malware Relaying NFC Traffic to Facilitate Unauthorized ATM Withdrawals

ESET Research revealed a sophisticated crimeware campaign targeting customers of three central Czech banks. The attack utilized advanced Android malware named NGate, which can relay near-field communication (NFC) data from victims' payment cards via compromised Android devices.

Velvet Ant Threat Group Exploits Zero-Day Vulnerability in Cisco Nexus Switches to Deploy Malware

Velvet Ant Threat Group Exploits Zero-Day Vulnerability in Cisco Nexus Switches to Deploy Malware

On August 22, 2024, Sygnia released a detailed report uncovering a sophisticated cyber espionage campaign conducted by the China-nexus threat group "Velvet Ant." This group recently exploited a zero-day vulnerability (CVE-2024-20399) in Cisco Nexus Switch appliances