Remote Access
ConnectWise patches new flaw allowing ScreenConnect hijacking
ConnectWise is warning ScreenConnect customers of a cryptographic signature verification vulnerability that could lead to unauthorized access and privilege escalation. The flaw affects ScreenConnect versions before 26.1. It is tracked as CVE-2026-3564 and received a critical severity score. ScreenConnect is a remote access platform typically used by managed service providers (MSPs), IT departments, and support teams. It can […]
Microsoft Teams phishing targets employees with A0Backdoor malware
Hackers contacted employees at financial and healthcare organizations over Microsoft Teams to trick them into granting remote access through Quick Assist and deploy a new piece of malware called A0Backdoor. The attacker relies on social engineering to gain the employee’s trust by first flooding their inbox with spam and then contacting them over Teams, pretending to […]
France arrests Latvian for installing malware on Italian ferry
French authorities arrested two crew members of an Italian passenger ferry suspected of infecting the ship with malware that could have enabled them to remotely control the vessel. As the Paris prosecutor’s office announced this week, a Bulgarian national has been released without any charge, while a Latvian suspect who recently joined the crew of […]
XWorm malware resurfaces with ransomware module, over 35 plugins
New versions of the XWorm backdoor are being distributed in phishing campaigns after the original developer, XCoder, abandoned the project last year. The latest variants, XWorm 6.0, 6.4, and 6.5, appear to be adopted by multiple threat actors and have support for plugins that allow a wide range of malicious activities. Malware operators can use […]
Ring denies breach after users report suspicious logins
Ring is warning that a backend update bug is responsible for customers seeing a surge in unauthorized devices logged into their account on May 28th. On May 28th, many Ring customers reported seeing unusual devices logged into their accounts from various locations worldwide, leading them to believe their accounts had been hacked. Last week, Ring […]
Beware: PayPal “New Address” feature abused to send phishing emails
An ongoing PayPal email scam exploits the platform’s address settings to send fake purchase notifications, tricking users into granting remote access to scammers For the past month, GeekFeed and others [1, 2] have received emails from PayPal stating, “You added a new address. This is just a quick confirmation that you added an address in your PayPal […]
Kimsuky hackers use new custom RDP Wrapper for remote access
The North Korean hacking group known as Kimsuky was observed in recent attacks using a custom-built RDP Wrapper and proxy tools to directly access infected machines. This is a sign of shifting tactics for Kimsuky, according to AhnLab SEcurity Intelligence Center (ASEC), who discovered the campaign. ASEC says the North Korean hackers now use a […]