Outbreak Alert- Annual Report 2024

Blog

Byadmblake March 31, 2025

Post Content

Blog

150,000 Packages Flood NPM Registry in Token Farming Campaign

A self-replicating attack led to a tidal wave of malicious packages in the NPM registry, targeting tokens for the tea.xyz protocol.

Read More 150,000 Packages Flood NPM Registry in Token Farming Campaign
Blog

GoldFactory Hits Southeast Asia with Modified Banking Apps Driving 11,000+ Infections

Cybercriminals associated with a financially motivated group known as GoldFactory have been observed staging a fresh round of attacks targeting mobile users in Indonesia, Thailand, and Vietnam by impersonating government services. The activity, observed since October 2024, involves distributing modified banking applications that act as a conduit for Android malware, Group-IB said in a technical

Read More GoldFactory Hits Southeast Asia with Modified Banking Apps Driving 11,000+ Infections
Blog

SonicWall SSL VPN Flaw and Misconfigurations Actively Exploited by Akira Ransomware Hackers

Threat actors affiliated with the Akira ransomware group have continued to target SonicWall devices for initial access. Cybersecurity firm Rapid7 said it observed a spike in intrusions involving SonicWall appliances over the past month, particularly following reports about renewed Akira ransomware activity since late July 2025. SonicWall subsequently revealed the SSL VPN activity aimed at…

Read More SonicWall SSL VPN Flaw and Misconfigurations Actively Exploited by Akira Ransomware Hackers
Blog

Microsoft Discloses Exchange Server Flaw Enabling Silent Cloud Access in Hybrid Setups

Microsoft has released an advisory for a high-severity security flaw affecting on-premise versions of Exchange Server that could allow an attacker to gain elevated privileges under certain conditions. The vulnerability, tracked as CVE-2025-53786, carries a CVSS score of 8.0. Dirk-jan Mollema with Outsider Security has been acknowledged for reporting the bug. “In an Exchange hybrid…

Read More Microsoft Discloses Exchange Server Flaw Enabling Silent Cloud Access in Hybrid Setups
Blog

Google Warns of Active Exploitation of WinRAR Vulnerability CVE-2025-8088

Google on Tuesday revealed that multiple threat actors, including nation-state adversaries and financially motivated groups, are exploiting a now-patched critical security flaw in RARLAB WinRAR to establish initial access and deploy a diverse array of payloads. “Discovered and patched in July 2025, government-backed threat actors linked to Russia and China as well as financially motivated

Read More Google Warns of Active Exploitation of WinRAR Vulnerability CVE-2025-8088
Blog

Malicious npm Package nodejs-smtp Mimics Nodemailer, Targets Atomic and Exodus Wallets

Cybersecurity researchers have discovered a malicious npm package that comes with stealthy features to inject malicious code into desktop apps for cryptocurrency wallets like Atomic and Exodus on Windows systems. The package, named nodejs-smtp, impersonates the legitimate email library nodemailer with an identical tagline, page styling, and README descriptions, attracting a total of 347

Read More Malicious npm Package nodejs-smtp Mimics Nodemailer, Targets Atomic and Exodus Wallets

Related