Over 300 Malicious Android Apps Installed 60 Million Times in 'Vapor' Campaign
A large-scale malware operation, dubbed "Vapor," has infiltrated Google Play, with over 300 malicious apps being downloaded 60 million times. These apps acted as adware, committed large-scale ad fraud, and attempted to steal user credentials and credit card information.
SuperBlack Ransomware Exploits Fortinet Vulnerabilities: A New Cyber Threat Emerges
A Russian-linked threat actor, identified as Mora_001, has been actively exploiting vulnerabilities in Fortinet firewalls to deploy a new ransomware variant known as SuperBlack. Security researchers at Forescout have uncovered this sophisticated campaign, highlighting the threat actor’s ties to established ransomware gangs and their use of advanced post-exploitation techniques.
Elon Musk Claims X Was Hit by a "Massive Cyber-Attack" Amid Service Outages
On Monday afternoon, Elon Musk alleged that X, the social media platform formerly known as Twitter, was the target of a "massive cyber-attack" that led to widespread service disruptions throughout the day. Users across the globe experienced difficulties accessing the platform, with posts failing to load and intermittent outages persisting for hours.
Broadcom Fixes Three VMware Zero-Days Exploited in Attacks
Broadcom has issued security updates to address three actively exploited zero-day vulnerabilities in VMware products. These flaws, reported by the Microsoft Threat Intelligence Center, impact VMware ESX solutions, including VMware ESXi, vSphere, Workstation, Fusion, Cloud Foundation, and Telco Cloud Platform.
Microsoft is currently investigating a new Microsoft 365 outage impacting Teams users, causing call failures and authentication issues. The outage, which began more than an hour ago, has resulted in hundreds of reports on monitoring platforms like Downdetector, with users facing widespread disruptions.
Angel One, a leading financial services platform, has disclosed a significant data breach involving unauthorized access to specific client data after some of its Amazon Web Services (AWS) resources were compromised. This alarming incident raises concerns over the security of sensitive financial data and highlights the growing risks associated with cloud-based infrastructure.
Salt Typhoon Hackers Use JumbledPath to Spy on U.S. Telecom Networks
A Chinese state-sponsored hacking group, Salt Typhoon (also known as Earth Estries, GhostEmperor, and UNC2286), has been identified using a custom utility called JumbledPath to stealthily monitor network traffic and capture sensitive data in cyberattacks on U.S. telecommunication providers.
Over 300 Malicious Android Apps Installed 60 Million Times in 'Vapor' Campaign A large-scale malware operation, dubbed "Vapor...
