Cybersecurity firm Datadog has revealed that actor MUT-1244 used proof-of-concept exploits and phishing emails to install malware @0xengine/xmlrpc, stealing around 390,000 credentials from infected machines. The credentials are believed to have been used to access administrative accounts on WordPress. The attacker’s ultimate motives remain unclear, with inconsistencies in their approach suggesting a lack of clear intent or strategy.
Google issues VPN warning to millions over Playfulghost malware
Google has issued a warning regarding the new malware threat known as Playfulghost which is spread worldwide through fraudulent VPN apps using methods such as
