Attacks exploiting a critical out-of-bounds write zero-day vulnerability in VMware vCenter Server, tracked as CVE-2023-34048, have been deployed by Chinese cyberespionage operation UNC3886 since 2021, two years before the flaw was identified and addressed, reports The Hacker News.
Russia-backed threat group targeting critical infrastructure and leading NGOs and NATO governments, including attacks on U.S. nuclear research facilities.
More than $80 million worth of digital assets from over 100 cryptocurrency brands were exfiltrated by the Inferno Drainer cryptocurrency scam last year, making it the most prolific cryptocurrency drainer of the year despite ceasing operations in November, according to SiliconAngle.
Threat actors have leveraged web hard drives disguised as adult-themed games to facilitate the distribution of the Remcos RAT surveillance tool across South Korea, The Hacker News reports.
BleepingComputer reports that information-stealing malware targeting macOS systems, including KeySteal, Atomic Stealer, and CherryPie, has been updated by its developers to bypass the continuous updates Apple has added to the built-in XProtect anti-malware system.
“This particular attack is using unpatched vulnerabilities first announced (and patched) three to seven years ago. They are still unpatched and still being exploited,” researchers said.