brangberg – Page 356

NANOREMOTE Malware Uses Google Drive API for Hidden Control on Windows Systems

Cybersecurity researchers have disclosed details of a new fully-featured Windows backdoor called NANOREMOTE that uses the Google Drive API for command-and-control (C2) purposes.
According to a report from Elastic Security Labs, the malware shares code similarities with another implant codenamed FINALDRAFT (aka Squidoor) that employs Microsoft Graph API for C2. FINALDRAFT is attributed to a

Pierce County Library Data Breach Impacts 340,000

In April 2025, hackers stole personal information belonging to patrons and employees and their family members.

The post Pierce County Library Data Breach Impacts 340,000 appeared first on SecurityWeek.

Wide Range of Malware Delivered in React2Shell Attacks

Cybersecurity companies have been seeing a wide range of malware being delivered in attacks exploiting the critical React vulnerability dubbed React2Shell. A researcher discovered recently that React, the popular open source library for creating application user interfaces, is affected by a critical vulnerability that can be exploited for unauthenticated remote code execution via specially crafted […]

The post Wide Range of Malware Delivered in React2Shell Attacks appeared first on SecurityWeek.

Unpatched Gogs Zero-Day Exploited for Months

The exploited flaw allows attackers to overwrite files outside the repository, leading to remote code execution.

The post Unpatched Gogs Zero-Day Exploited for Months appeared first on SecurityWeek.

CISA Unveils Enhanced Cross-Sector Cybersecurity Performance Goals

The Impact of Robotic Process Automation (RPA) on Identity and Access Management

As enterprises refine their strategies for handling Non-Human Identities (NHIs), Robotic Process Automation (RPA) has become a powerful tool for streamlining operations and enhancing security. However, since RPA bots have varying levels of access to sensitive information, enterprises must be prepared to mitigate a variety of challenges. In large organizations, bots are starting to outnumber

WIRTE Leverages AshenLoader Sideloading to Install the AshTag Espionage Backdoor

An advanced persistent threat (APT) known as WIRTE has been attributed to attacks targeting government and diplomatic entities across the Middle East with a previously undocumented malware suite dubbed AshTag since 2020.
Palo Alto Networks is tracking the activity cluster under the name Ashen Lepus. Artifacts uploaded to the VirusTotal platform show that the threat actor has trained its sights

Unpatched Gogs Zero-Day Exploited Across 700+ Instances Amid Active Attacks

A high-severity unpatched security vulnerability in Gogs has come under active exploitation, with more than 700 compromised instances accessible over the internet, according to new findings from Wiz.
The flaw, tracked as CVE-2025-8110 (CVSS score: 8.7), is a case of file overwrite in the file update API of the Go-based self-hosted Git service. A fix for the issue is said to be currently in the

IBM Patches Over 100 Vulnerabilities

Most of the 100 vulnerabilities resolved this week, including critical flaws, were in third-party dependencies.

The post IBM Patches Over 100 Vulnerabilities appeared first on SecurityWeek.

Microsoft fixes Windows Explorer white flashes in dark mode

Microsoft has fixed a known issue that caused bright white flashes when launching File Explorer in dark mode on Windows 11 systems after installing the KB5070311 optional update. […]

Author: brangberg