New Malware Campaign Exploits Stored XSS in Popup Builder < 4.2.3
New Malware Campaign Exploits Stored XSS in Popup Builder < 4.2.3 A recent surge in cyberattacks has been linked to a new malware campaign targeting websites utilizing the Popup Builder WordPress plugin. Initially identified by security expert Marc Montpas in November 2023, the vulnerability is now being exploited at an alarming rate. In just three […]
Linux Malware Campaign “Migo” Targets Redis For Cryptomining
Security analysts have stumbled upon a sophisticated malware operation aimed directly at Redis, a widely used data storage system. This newly identified campaign, labeled “Migo,” showcases intricate tactics devised to infiltrate Redis servers, all in the pursuit of cryptocurrency mining on Linux-based platforms. In a groundbreaking discovery, Cado Security Labs has unearthed the intricate workings […]
The Latest Evasion Tactics: GULOADER Malware Adopts Advanced Techniques
Security experts have recently uncovered a novel strategy employed by the notorious GULOADER malware, designed to outsmart antivirus detection systems. This highly evasive shellcode downloader, commonly transmitted through email attachments or links with VBScript files, has now been identified utilizing the Vectored Exception Handler (VEH) capability, adding an extra layer of complexity to its evasion […]
Iranian APT Deploys No-Justice Wiper in Targeted Cyber Assaults Against Albania
Iranian APT Deploys No-Justice Wiper in Targeted Cyber Assaults Against Albania In a recent surge of cyber-espionage activities, an Iranian Advanced Persistent Threat (APT) group has made headlines for employing the powerful and destructive No-Justice Wiper in a series of targeted attacks against Albania. Adding a layer of complexity, the threat actors utilized a malicious […]