Free Access

Day: July 18, 2023

What is the OpenSSL Version Vulnerability?

This image is about the OpenSSL version vulnerability.

Blog Learn about the OpenSSL version vulnerability, a flaw in the popular encryption library that can expose sensitive data, emphasizing the importance of updates to mitigate security risks. On October 25, the OpenSSL team has announced that a security patch for a critical vulnerability in OpenSSL version 3.x was being prepared. In addition to that […]

SQL Injection Failure and Flaws Have Been Patched by Vmware

This image is about VMware patching SQL injection vulnerabilities.

Blog SQL Injection Failure SQL Injection Failure and Flaws That Allow Remote Attackers to Execute Code Remotely Have Been Patched by Vmware. The proof-of-concept exploit code is publicly available for a critical authentication bypass vulnerability in multiple VMware products that allows attackers to gain administrative privileges. VMware has previously released updates to the vulnerability (CVE-2022-31656, […]

Cisco Has Been Hacked by Yanluowang Ransomware Group

This image is about Cisco being hacked by the Yanluowang ransomware group.

Blog Cisco’s corporate network was breached by the Yanluowang ransomware group Cisco has confirmed that the Yanluowang ransomware group has breached the company’s network and that the actor has attempted to extort the stolen files under threat of leaking them online. Cisco said on May 24, 2022 that it became aware of a possible compromise. […]

USA Offers $10M Bounty for Providing Information on the Conti Ransomware Gang

This image is about the U.S. offering a $10 million bounty for information on the Conti ransomware gang.

Blog A Reward for Information About The Conti Ransomware Group USA Offers $10M Bounty for Providing Information on the Conti Ransomware Gang. As part of the Justice Awards program, the US State Department announced that a $10 million reward will be offered for information on five high-ranking Conti ransomware members, including the first reveal of […]

PyPI Package ‘secretslib’ Drops Fileless Cryptominer to Linux Systems

This image is about the 'secretslib' PyPI package dropping a fileless cryptominer on Linux systems.

Blog PyPI Package ‘secretslib’ PyPI Package ‘secretslib’ Drops Fileless Cryptominer to Linux Systems. A PyPI package named “secretslib” has been identified by Sonatype, which describes itself as “secret mapping and verification made easy”. The package secretly runs cryptominers in the memory of the Linux machine, a technique largely used by fileless malware and cryptominers. Secretslib […]

Microsoft Has Disrupted SEABORGIUM Phishing Operation

This image is about Microsoft's disruption of SEABORGIUM phishing operations.

Blog Seaborgium Phishing Operation The Microsoft Threat Intelligence Center (MSTIC) has taken action and taken measures to disrupt the campaigns launched by the SEABORGIUM actor, which has been tracked since 2017. SEABORGIUM is a threat actor with goals aligned with the interests of the Russian state. SEABORGIUM is a threat actor that often targets the […]

Kaspersky Published a Report on Malicious Browser Extensions

This image is about Kaspersky's report on malicious browser extensions.

Blog Kaspersky analyzed threat statistics by processing data voluntarily shared by its users for the period from January 2020 to June 2022. According to this data, during the first half of this year, 1,311,557 users tried to download malicious or unwanted extensions at least once. From January 2020 to June 2022, nearly 70 percent of users […]

Google Has Released an Update for the New Chrome Zero-Day Vulnerability

This image is about Google's update for a new Chrome zero-day vulnerability.

Blog Google has released security updates for many vulnerabilities, including the zero-day vulnerability for the Chrome browser. These defects are known to be actively exploited in the wild. Defined as a case of insufficient validation of untrusted inputs in Intents, the flaw is tracked with code CVE-2022-2856 (CVSS: N/A). The firm refrained from sharing additional […]

13 Organizations Targeted by Chinese-Linked APT41 and a New Wave of Cobalt Strike Infections

This image is about 13 organizations targeted by Chinese-linked APT41 and a new wave of Cobalt Strike infections.

Blog APT41, one of the state-sponsored ex-hacker groups, breached government networks in six US states in March 2022, including by exploiting a vulnerability in a livestock management system, according to Mandiant researchers. Cybersecurity firm Group-IB’s investigations resulted in nearly 80 proactive notifications of APT41 attacks against their infrastructure to private and government organizations worldwide. The […]

WordPress Sites Hacked with Fake Cloudflare DDoS Alerts

This image is about WordPress sites hacked with fake Cloudflare DDoS alerts.

Blog DDoS protection pages typically verify whether the site visitor is actually a human or part of a Distributed Denial of Service (DDoS) attack or other unwanted bot. Bad bots make up a large portion of web traffic. These include DDoS traffic, scrapers scavenging email addresses to send spam, bots trying to find vulnerable websites […]

Stay informed with the latest updates, expert insights, and in-depth analysis from ThreatMon’s cybersecurity intelligence. Subscribe to receive critical news, threat reports, and industry trends directly in your inbox, helping you stay ahead of emerging cyber threats.
Platform
Subscriptions
Solutions
Resources
Partner
Company

© 2025 ThreatMon. All rights reserved.

X-twitter Linkedin-in Github