New FileFix attack uses cache smuggling to evade security software

A new variant of the FileFix social engineering attack uses cache smuggling to secretly download a malicious ZIP archive onto a victim's system and bypassing security software.
The Hacker News

Chinese Hackers Weaponize Open-Source Nezha Tool in New Attack Wave

The access afforded by the ANTSWORD web shell is then used to run the "whoami" command to determine the privileges of the web ...
CSO Online

Open-source monitor turns into an off-the-shelf attack beacon

Hackers used log poisoning and web shells to convert Nezha into a remote access tool targeting networks across East Asia.

Mint Explainer: Vibe hacking and why cybersecurity experts are worried

As agentic artificial intelligence becomes widespread, a new cyberattack vector—vibe hacking—is emerging, raising alarms ...
Infosecurity Magazine

Nezha Tool Used in New Cyber Campaign Targeting Web Applications

A cyber campaign using Nezha has been identified, targeting vulnerable web apps with PHP web shells and Ghost RAT ...
PCQuest on MSN

Inside Oracle's zero-day chaos: how Clop rewrote the ransomware rulebook

Clop’s Oracle WebLogic zero-day exploit exposed a new ransomware era focused on silent data theft, stealthy infiltration, and ...