-
Rare Werewolf APT Uses Legitimate Software in Attacks on Hundreds of Russian Enterprises
10 Jun 2025 12:00 GMT
… / Malware
The threat actor known as Rare Werewolf … feature of this threat is that the attackers favor using … to an attacker-controlled email address over SMTP. The attacks are also … in the attacked companies, and the traditional threats to publish …
-
New npm threats can erase production systems with a single request
10 Jun 2025 12:59 GMT
… ) via email using hardcoded SMTP credentials, enabling attackers to track successful deployments.
-
Hidden Backdoors in npm Packages Let Attackers Wipe Entire Systems
09 Jun 2025 22:09 GMT
… on demand.
Socket’s Threat Research Team exposed the malicious … a functioning health check, SMTP integration, and dynamic support … logs backend URLs, helping attackers map server infrastructure.
This … a covert control channel. SMTP credentials are baked into …
-
Malicious npm Utility Packages Enable Attackers to Wipe Production Systems
09 Jun 2025 11:45 GMT
… api escalates the threat with a multi-faceted attack vector.
From Deceptive … SMTP credentials (via smtp[.]hostinger[.]com) to exfiltrate reconnaissance data to the attacker … Network Indicators
smtp[.]hostinger[.]com:465, auth@corehomes[.]in
Threat Actor …
-
MICI NetFax Server Flaws Allow Attackers to Execute Remote Code
30 May 2025 14:12 GMT
… through a chain of authenticated attacks, with default credentials and … this product exposed to significant threats.
The first vulnerability, CVE … the exposure of stored SMTP passwords.
While the web … /config.phpReturns the SMTP password in cleartext.
This …
-
Exploitable Vulnerabilities in Canon Printers Allow Attackers to Gain Admin Privileges
23 May 2025 12:23 GMT
… exploited, these flaws enable attackers to acquire SMTP/LDAP connection … makes it attractive to threat actors.
The attack requires high-level privileges … imagePRESS Series
Allows attackers with administrative privileges to extract SMTP/LDAP …
-
Google issues warning to all 1.8b Gmail users over dangerous attack: 'Do not respond to messages'
20 May 2025 21:36 GMT
… 'no-reply' email attack because victims receive a supposedly … 's personal information.
The attack is triggered when Gmail users … own systems.
Specifically, the new attack makes use of a tool … ; For example, me@googl-mail-smtp-out-198-142-125-38 …
-
ModiLoader Malware Attacking Windows Users to Steal Login Credentials
19 May 2025 11:56 GMT
… emerged as a significant threat to Windows users, specifically … banking institutions.
The attack begins with phishing emails … transmission via email, FTP, SMTP, and Telegram channels.
… captured and exfiltrated to attackers, creating persistent security …
-
Linux Security Essentials – Protecting Servers from Supply Chain Attacks
15 May 2025 07:08 GMT
… an escalating threat landscape dominated by sophisticated supply chain attacks.
Recent incidents … and coffin2022 leveraged Gmail’s SMTP servers and WebSockets to exfiltrate … unusual network activity (e.g., SMTP exfiltration)
Security leaders have noted …
-
Gmail to drop support for 'outdated' 3DES encryption in incoming SMTP connections
07 May 2025 10:03 GMT
… ) in Gmail's incoming SMTP connections. In plain terms, email … key over time, potentially allowing attackers to figure things out about …
About
© 1995-2025