Threat Intelligence

KFC and McDonald’s were targeted via phishing campaigns. Campaigns aimed at the Saudi Arabia, UAE, and Singapore regions. Payment details has also been compromised.

Portmap.io was misused in a phishing campaign targeting Indian banking customers. Phishing URLs are distributed via smishing techniques.

We Discovered a Private drainer for Metamask which is capable of transferring cryptocurrency from the victim’s wallet to the attacker's wallet.

Threat actors discussing the exploit for CVE-2022-26809, an RCE present in the Windows RPC runtime.

A new critical authentication bypass vulnerability affecting the web admin console for FortiOS and FortiProxy. Threat actors can easily exploit the vulnerability with a crafted HTTP request.

Multiple phishing domains impersonating Absher, the Saudi government service portal. Domains provide fake services to the citizens and steal their credentials.

Team Mysterious Bangladesh announces another wave of attack Group compromised multiple Indian entities in the past. DDoS & Defacement attacks are amongst the most prominent attacks.

Several critical and high-severity vulnerabilities affecting Veeam Backup & Replication exploited by advertising fully weaponized tools for remote code execution.