Tag: exploit
-
Spyware-grade Coruna iOS exploit kit now used in crypto theft attacks
A previously undocumented set of 23 iOS exploits named “Coruna” has been deployed by multiple threat actors in targeted espionage campaigns and financially motivated attacks. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/spyware-grade-coruna-ios-exploit-kit-now-used-in-crypto-theft-attacks/
-
Iranian-U.S./Israeli Hostilities Lead to Increased Threat Landscape
Tags: attack, credentials, cyber, data-breach, disinformation, espionage, exploit, intelligence, iran, phishing, risk, theft, threatOverview Iranian”‘aligned cyber actors pose an elevated near”‘term risk due to their history of espionage, credential theft, disruptive attacks, and high”‘visibility “hacktivist” and disinformation operations, often targeting U.S. and allied interests through phishing, exploitation of exposed systems, and social manipulation. Given the current active hostilities between Iran and the U.S./Israeli-led coalition, threat intelligence indicates activity”¦…
-
Iran-nexus hackers target flaws in surveillance cameras
The threat activity echoes prior exploitation during the Israeli war with Hamas, a precursor to attacks against critical sectors in the U.S. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/iran-hackers-target-flaws-ip-cameras/813795/
-
Zero-day in Android phone chips under active attack
Google and Qualcomm have tag-teamed a serious vulnerability in the chipsets used in Android mobile devices, which has been exploited in the wild as a zero-day First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366639578/Zero-day-in-Android-phone-chips-under-active-attack
-
Google’s Biggest Android Security Update in Years Fixes 129 Bugs, Including an Actively Exploited Zero-Day
Google’s March 2026 Android update patches 129 flaws, including an actively exploited Qualcomm zero-day, and urges users to install 2026-03-05. The post Google’s Biggest Android Security Update in Years Fixes 129 Bugs, Including an Actively Exploited Zero-Day appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-google-android-security-update-129-vulnerabilities/
-
Sprawling FBI, European operation takes down Leakbase cybercriminal forum
The FBI and European law enforcement agencies carried out a global crackdown on a cybercrime forum where criminals bought and sold stolen credentials and exploits of software vulnerabilities. First seen on therecord.media Jump to article: therecord.media/leakbase-cybercrime-fbi-europe-takedown
-
LexisNexis confirms data breach at Legal & Professional arm, some customer records affected
Crooks claim 2 GB haul from AWS instance via React2Shell exploit First seen on theregister.com Jump to article: www.theregister.com/2026/03/04/lexisnexis_legal_professional_confirms_data/
-
High-severity Qualcomm bug hits Android devices in targeted attacks
Google has patched 129 Android vulnerabilities, including an actively exploited flaw in a widely used Qualcomm component. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/03/high-severity-qualcomm-bug-hits-android-devices-in-targeted-attacks/
-
Chinesische Cyberspionage-Gruppe Silver-Dragon hat Behörden in Europa und Asien im Visier
Die Sicherheitsforensiker von Check Point Research (CPR) haben eine Cyberspionage-kampagne identifiziert, die sich gegen Regierungs-organisationen in Südostasien und Teilen Europas richtet. CPR nennt die Gruppe ‘Silver Dragon>> und nach Einschätzung der Sicherheitsexperten ist sie seit mindestens Mitte 2024 aktiv. Die Kampagne kombiniert Server-Exploits, Phishing, maßgeschneiderte Malware und eine cloudbasierte Befehlsinfrastruktur, um langfristigen Zugriff auf die…
-
Kaspersky dismisses claims Coruna iPhone exploit kit is connected to NSA-linked operation
Follows suggestions iPhone-pwning toolset bears hallmarks of zero-days that targeted Russian diplomats First seen on theregister.com Jump to article: www.theregister.com/2026/03/04/kaspersky_dismisses_claims_that_coruna/
-
Coruna iOS Exploit Kit Uses 23 Exploits Across Five Chains Targeting iOS 1317.2.1
Google said it identified a “new and powerful” exploit kit dubbed Coruna (aka CryptoWaters) targeting Apple iPhone models running iOS versions between 13.0 and 17.2.1.The exploit kit featured five full iOS exploit chains and a total of 23 exploits, Google Threat Intelligence Group (GTIG) said. It’s not effective against the latest version of iOS. The…
-
From phishing to Google Drive C2: Silver Dragon expands APT41 playbook
APT group Silver Dragon, linked to APT41, targets governments via server exploits and phishing, using Cobalt Strike and Google Drive for C2. Check Point researchers have identified Silver Dragon, an APT group tied to the China-linked group APT41, targeting government entities in Europe and Southeast Asia since mid-2024. The group gains initial access by exploiting…
-
CISA Warns Qualcomm Chipsets Memory Corruption Vulnerability Is Actively Exploited in Attacks
The Cybersecurity and Infrastructure Security Agency (CISA) has added a critical Qualcomm chipset vulnerability to its Known Exploited Vulnerabilities (KEV) catalog on March 3, 2026, confirming active exploitation in the wild. The flaw, tracked as CVE-2026-21385, affects multiple Qualcomm chipsets and introduces a serious memory corruption risk that attackers can leverage to compromise affected devices. Vulnerability…
-
Exploit-Kit Coruna: iPhone-Nutzer mit bis zu 23 iOS-Exploits attackiert
Russische und chinesische Hacker sind offenbar an alte iOS-Exploits der US-Regierung gelangt und greifen damit massenhaft iPhone-Nutzer an. First seen on golem.de Jump to article: www.golem.de/news/exploit-kit-coruna-massig-iphone-nutzer-mit-bis-zu-23-ios-exploits-attackiert-2603-206074.html
-
Calls for Global Digital Estate Standard as Posthumous Deepfake Fraud Risk Grows
The OpenID Foundation warns that fragmented policies on posthumous digital accounts could open the door for fraudsters to exploit AI deepfakes First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/digital-estate-post-death-deepfake/
-
U.S. CISA adds Qualcomm and Broadcom VMware Aria Operations flaws to its Known Exploited Vulnerabilities catalog
Tags: cisa, cybersecurity, exploit, flaw, google, infrastructure, kev, microsoft, ransomware, vmware, vulnerability, windowsU.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Qualcomm and Broadcom VMware Aria Operations flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Google Chromium CSS, Microsoft Windows, TeamT5 ThreatSonar Anti-Ransomware, and Zimbra flaws to its Known Exploited Vulnerabilities (KEV) catalog. Below are the flaws added to the catalog: In…
-
Exploit-Kit Coruna: Massig iPhone-Nutzer mit bis zu 23 iOS-Exploits attackiert
Russische und chinesische Hacker sind offenbar an alte iOS-Exploits der US-Regierung gelangt und greifen damit massenhaft iPhone-Nutzer an. First seen on golem.de Jump to article: www.golem.de/news/exploit-kit-coruna-massig-iphone-nutzer-mit-bis-zu-23-ios-exploits-attackiert-2603-206074.html
-
CISA Warns of VMware Aria Operations Vulnerability Actively Exploited in Attacks
Tags: attack, cisa, cve, cyber, cybersecurity, exploit, flaw, infrastructure, kev, vmware, vulnerabilityThe U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a critical vulnerability affecting Broadcom’s VMware Aria Operations to its Known Exploited Vulnerabilities (KEV) catalog. This flaw, identified as CVE-2026-22719, is currently being exploited in the wild, prompting urgent calls for organizations to apply necessary mitigations. VMware Aria Operations, formerly known as vRealize Operations (vROps),…
-
APT41-Linked Silver Dragon Targets Governments Using Cobalt Strike and Google Drive C2
Cybersecurity researchers have disclosed details of an advanced persistent threat (APT) group dubbed Silver Dragon that has been linked to cyber attacks targeting entities in Europe and Southeast Asia since at least mid-2024.”Silver Dragon gains its initial access by exploiting public-facing internet servers and by delivering phishing emails that contain malicious attachments,” Check Point said…
-
Microsoft Alerts Customers to New Phishing Attack Exploiting OAuth in Entra ID to Bypass Detection
Tags: attack, authentication, credentials, cyber, detection, exploit, google, government, microsoft, phishing, software, threat, vulnerabilityMicrosoft recently uncovered sophisticated phishing campaigns that exploit the by-design redirection mechanisms of the OAuth 2.0 protocol. Threat actors are targeting government and public-sector organizations by manipulating legitimate authentication flows in Microsoft Entra ID and Google Workspace. Rather than exploiting traditional software vulnerabilities or stealing credentials directly, this campaign abuses trusted protocol behavior to bypass…
-
CISA Adds Actively Exploited VMware Aria Operations Flaw CVE-2026-22719 to KEV Catalog
Tags: cisa, cve, cybersecurity, exploit, flaw, infrastructure, injection, kev, vmware, vulnerabilityThe U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added a recently disclosed security flaw impacting Broadcom VMware Aria Operations to its Known Exploited Vulnerabilities (KEV) catalog, citing active exploitation in the wild.The high-severity vulnerability, CVE-2026-22719 (CVSS score: 8.1), has been described as a case of command injection that could allow an First seen…
-
Silver Dragon APT Group Exploits Google Drive for Covert Attacks on Europe, Asia
Silver Dragon is a Chinese”‘aligned APT group that has been targeting public sector and high”‘profile organizations in Europe and Southeast Asia since at least mid”‘2024, with strong operational overlap to APT41 tradecraft. The group combines classic post”‘exploitation tooling like Cobalt Strike with new custom malware that abuses Google Drive as a covert command”‘and”‘control (C2) channel.research.…
-
Thousands of iPhones Compromised in Massive Hack via Coruna Exploit Kit with 23 Vulnerabilities
Security researchers from the Google Threat Intelligence Group (GTIG) have uncovered >>Coruna,<< a highly sophisticated iOS exploit kit responsible for compromising thousands of iPhones. Targeting iOS versions 13.0 through 17.2.1, the framework contains five complete exploit chains leveraging a staggering 23 vulnerabilities. What began as a tool for a commercial surveillance vendor in early 2025…
-
NCSC Warns UK Organisations to Prepare for Potential Iran-Linked Cyber Activity
Tags: advisory, attack, awareness, breach, business, china, cyber, cybercrime, data, data-breach, espionage, exploit, finance, government, group, incident response, infrastructure, international, Internet, iran, leak, malware, middle-east, military, monitoring, phishing, resilience, risk, russia, service, supply-chain, tactics, threat, tool, update, vulnerability, vulnerability-managementGeopolitical conflict rarely stays confined to physical battlefields. Increasingly, it spills into the digital domain. The latest escalation of tensions in the Middle East has prompted the UK’s National Cyber Security Centre (NCSC) to issue a warning to organisations to review their cyber security posture and prepare for possible cyber activity linked to Iran. While…
-
NCSC Warns UK Organisations to Prepare for Potential Iran-Linked Cyber Activity
Tags: advisory, attack, awareness, breach, business, china, cyber, cybercrime, data, data-breach, espionage, exploit, finance, government, group, incident response, infrastructure, international, Internet, iran, leak, malware, middle-east, military, monitoring, phishing, resilience, risk, russia, service, supply-chain, tactics, threat, tool, update, vulnerability, vulnerability-managementGeopolitical conflict rarely stays confined to physical battlefields. Increasingly, it spills into the digital domain. The latest escalation of tensions in the Middle East has prompted the UK’s National Cyber Security Centre (NCSC) to issue a warning to organisations to review their cyber security posture and prepare for possible cyber activity linked to Iran. While…
-
NCSC Warns UK Organisations to Prepare for Potential Iran-Linked Cyber Activity
Tags: advisory, attack, awareness, breach, business, china, cyber, cybercrime, data, data-breach, espionage, exploit, finance, government, group, incident response, infrastructure, international, Internet, iran, leak, malware, middle-east, military, monitoring, phishing, resilience, risk, russia, service, supply-chain, tactics, threat, tool, update, vulnerability, vulnerability-managementGeopolitical conflict rarely stays confined to physical battlefields. Increasingly, it spills into the digital domain. The latest escalation of tensions in the Middle East has prompted the UK’s National Cyber Security Centre (NCSC) to issue a warning to organisations to review their cyber security posture and prepare for possible cyber activity linked to Iran. While…
-
AI-powered attack kits go open source, and CyberStrikeAI may be just the beginning
100-plus prebuilt tool recipes and a human-readable YAML-based extension system;Attack-chain graph, risk scoring, and “step-by-step replay”;Password-protected web user interfaces (UIs) and audit logs;A knowledge base with vector search, hybrid retrieval, and searchable archives;Vulnerability management with create, read, update, delete (CRUD) operations, severity tracking, status workflow, and statistics;Batch task management that can organize task queues and…
-
CISA flags VMware Aria Operations RCE flaw as exploited in attacks
Tags: attack, cisa, cve, cybersecurity, exploit, flaw, infrastructure, kev, rce, remote-code-execution, vmware, vulnerabilityThe U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a VMware Aria Operations vulnerability tracked as CVE-2026-22719 to its Known Exploited Vulnerabilities catalog, flagging the flaw as exploited in attacks. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/cisa-flags-vmware-aria-operations-rce-flaw-as-exploited-in-attacks/