Backdoor Malware Found on WordPress Website Disguised as Legitimate Plugin

China-Linked Espionage Cluster Deploys Custom ASPX/ASHX Shells on IIS

A previously disclosed China-linked threat cluster, tracked as OP-512, has been observed deploying a purpose-built web shell framework to compromise Internet Information Services (IIS) servers.

Critical UniFi OS Auth Bypass Flaws Lead to Unauthenticated Root RCE

Ubiquiti has addressed three critical vulnerabilities within the UniFi OS Server that attackers can chain together to achieve unauthenticated remote code execution (RCE) with root

CISA Alerts on Actively Exploited SolarWinds Serv-U Denial-of-Service Flaw

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has officially added a critical vulnerability in SolarWinds Serv-U to its Known Exploited Vulnerabilities (KEV) catalog. Tracked

Malspam Campaign Abuses DoubleClick to Deploy Stealthy .NET Loader

A sophisticated new malspam campaign is actively exploiting Google’s DoubleClick ad-tracking infrastructure to bypass enterprise email security gateways. Discovered by researchers at Huntress, the attack

News and Analysis

Subscribe to newsletter

More Posts

China-Linked Espionage Cluster Deploys Custom ASPX/ASHX Shells on IIS

Critical UniFi OS Auth Bypass Flaws Lead to Unauthenticated Root RCE

CISA Alerts on Actively Exploited SolarWinds Serv-U Denial-of-Service Flaw

Malspam Campaign Abuses DoubleClick to Deploy Stealthy .NET Loader

Products

Solutions

Healthcare cybersecurity

Healthcare Threat Intelligence

Use Cases

News and Analysis

Insights

Company