Virus & Threats – TFun dot org

In-the-Wild Exploitation of Recent ManageEngine Vulnerability Commences

20/01/2023RedOne

Cloud risk management and threat detection firm Rapid7 warns that it has seen organizations being compromised in attacks exploiting a recently patched Zoho ManageEngine vulnerability. read more

PyPI Users Targeted With ‘Wacatac’ Trojan in New Supply Chain Attack

17/01/2023RedOne

Fortinet warns of three new malicious PyPI packages containing code designed to fetch the Wacatac trojan and information stealer as a next stage payload. read more

Attackers Can Abuse GitHub Codespaces for Malware Delivery

17/01/2023RedOne

A GitHub Codespaces feature meant to help with code development and collaboration can be abused for malware delivery, Trend Micro reports. read more

Most Cacti Installations Unpatched Against Exploited Vulnerability

13/01/2023RedOne

Most internet-exposed Cacti installations have not been patched against a critical-severity command injection vulnerability that is being exploited in attacks. read more

Sophisticated ‘Dark Pink’ APT Targets Government, Military Organizations

12/01/2023RedOne

Cybersecurity firm Group-IB is raising the alarm on a newly identified advanced persistent threat (APT) actor targeting government and military organizations in Asia and Europe. read more

Recently Disclosed Vulnerability Exploited to Hack Hundreds of SugarCRM Servers

12/01/2023RedOne

Exploitation of a critical vulnerability affecting the widely used SugarCRM customer relationship management system was seen just days after someone made public an exploit. read more

Red Hat Announces General Availability of Malware Detection Service

11/01/2023RedOne

Red Hat announced on Tuesday the general availability of a malware detection service for Red Hat Enterprise Linux (RHEL) systems. read more

Cybercrime Group Exploiting Old Windows Driver Vulnerability to Bypass Security Products

11/01/2023RedOne

A cybercrime group tracked as Scattered Spider has been observed exploiting an old vulnerability in an Intel Ethernet diagnostics driver for Windows in recent attacks on telecom and BPO firms. read more

PyPI Users Targeted With PoweRAT Malware

10/01/2023RedOne

Software supply chain security firm Phylum has identified a malicious attack targeting Python Package Index (PyPI) users with the PoweRAT backdoor and information stealer. read more

Many of 13 New Mac Malware Families Discovered in 2022 Linked to China

06/01/2023RedOne

More than a dozen new Mac malware families were discovered in 2022, including information stealers, cryptocurrency miners, loaders, and backdoors, and many of them have been linked to China. read more