A new Linux Remote Access Trojan named “Krasue” has been found targeting Thai telecom firms, going undetected since 2021 due to various obfuscation techniques. Undocumented threat actors “AeroBlade” are suspected of a cyber espionage campaign targeting US aerospace organizations using spear-phishing and VBA macros to facilitate data theft. A previously patched Adobe ColdFusion vulnerability is still being targeted, leading to the compromise of at least two public-facing servers. Administrators are urged to apply patches immediately.
The ALPHV BlackCat and LockBit ransomware groups are causing havoc in the US healthcare sector, with a surge in cyberattacks on hospitals and pharmacies. The