Criminal crews deploy legitimate RMM tools inside carriers and brokers, then hijack booking and dispatch to steal real freight. This body explains how access lands, which artifacts reveal the intrusion, and what controls stop RMM-driven cargo theft without breaking logistics operations or delaying shipments.
Despite Cisco and global agencies issuing urgent zero-day alerts, nearly 48,000 Cisco ASA firewalls remain vulnerable and exposed to ongoing exploit campaigns.
The ChaosBot malware campaign is exploiting Cisco VPN credentials and Active Directory passwords to infiltrate enterprise environments. By combining brute-force attacks with credential reuse, ChaosBot’s operators are building a fast-spreading botnet focused on corporate VPN and identity systems.
The PyPI “SoopSocks” package claims to be a SOCKS5 proxy solution but conceals backdoor capabilities, enabling attackers to control compromised systems remotely.
A fake Chrome wallet called “Safery” steals seed phrases by encoding them into Sui addresses and sending dust transactions, allowing attackers to reconstruct mnemonics later. Consequently, users risk full account takeover. Enforce extension allowlists, remove unknown wallets, rotate seeds, and migrate assets to new addresses immediately.
Researchers have uncovered a new global campaign linked to the TA585 threat group, deploying a malware strain called MonsterV2. The campaign targets enterprise, finance, and industrial sectors, leveraging advanced persistence and evasion techniques to steal data and compromise corporate networks