According to researchers, the fileless attack uses PCASTLE to distribute samples of XMRig, a well-known Monero-mining malware family.
The new BlackSquid malware is capable of abusing eight notorious exploits in its attempts to install the XMRig Monero miner.
Security researchers discovered a hidden HTTP directory that is allowing threat actors to install Shade ransomware on WordPress and Joomla websites.
Digital criminals tried to impersonate oil and gas companies in a recent attack campaign distributing Shade ransomware.
A watering hole campaign that has been active in Southeast Asia since September has compromised at least 21 websites, including government and media domains.
Cybercriminals buried crypto-mining malware inside compromised websites in an effort to hijack victims' computing resources.
Security researchers observed CactusTorch, a fileless malware, using a .NET executable to run harmful .NET assemblies from memory.
Endpoint detection and antiphishing tools can help users filter basic spam email, but detecting malspam in PDF and Microsoft Office documents requires a more thorough investigation.