Threat actors are leveraging SourceForge, a software hosting service, to distribute malware through a list of seemingly legitimate Microsoft Office application downloads. Users who click the “Download” button are redirected to a different site, which downloads an archive containing a malware payload onto their system. The scheme primarily targets Russian-speaking users, with over 4,600 encountering it this year. The malware primarily targets cryptocurrency but could also allow system access to tertiary threat actors.

Hackers Actively Exploiting Critical Exchange & SharePoint Server Vulnerabilities
Microsoft has warned that cybercriminals are increasingly exploiting critical vulnerabilities in on-premises Exchange and SharePoint Servers. New techniques like NTLM relay and credential leakage enable