Cyber Security

New PamDOORa Backdoor Attacking Linux Systems to Steal SSH Credentials

A new backdoor called PamDOORa has emerged as a serious and growing threat to Linux systems, targeting one of the most trusted components of the operating system to silently steal SSH credentials. The malware was advertised for sale on a Russian-speaking cybercrime forum called Rehub, with its complete source code initially listed at $1,600 before […]

Hackers Deploy Modular RAT With Credential Theft and Screenshot Capture Capabilities

A newly identified malware campaign is targeting senior executives and government investigators across Southeast Asia, using a modular Remote Access Trojan capable of stealing credentials, capturing screenshots, and maintaining deep persistence on infected systems. The operation, dubbed Operation GriefLure, is running two simultaneous campaigns hitting Vietnam’s military-linked telecom sector and the Philippine healthcare industry. What […]

New ZiChatBot Malware Uses Zulip REST APIs as Command and Control Server

A newly discovered malware called ZiChatBot has been found quietly using the REST APIs of a legitimate team chat application called Zulip to receive and carry out commands from its operators. This approach is unusual because the malware never communicates with a private server that security tools could flag or block, making it harder to […]

Critical Spring Vulnerabilities Expose Arbitrary Files and GCP Secrets

Spring Cloud Config provides crucial server-side and client-side support for externalized configuration in distributed systems. Recently, the Spring development team disclosed four security vulnerabilities impacting the Spring Cloud Config Server. These flaws range from medium to critical severity, exposing environments to unauthorized arbitrary file access, cloud secrets leakage, and logging misconfigurations. Because centralized configuration servers […]

New Ivanti EPMM 0-Day Vulnerability Actively Exploited in Attacks

Ivanti has issued a critical security advisory for its Endpoint Manager Mobile (EPMM) product, disclosing multiple actively exploited vulnerabilities, including CVE-2026-6973, and urging all on-premises EPMM customers to apply patches immediately. At the time of disclosure, Ivanti confirmed active exploitation of CVE-2026-6973, a vulnerability that requires admin authentication to succeed. The flaws exclusively affect the […]

CISA Warns of Palo Alto PAN-OS Vulnerability Exploited to Gain Root Access

CISA has issued an urgent warning regarding a critical vulnerability in Palo Alto Networks PAN-OS. Tracked as CVE-2026-0300, this severe security flaw was recently added to CISA’s Known Exploited Vulnerabilities catalog on May 6, 2026. The vulnerability allows unauthenticated threat actors to execute arbitrary code and gain root privileges on affected firewall appliances, prompting immediate […]

Critical Ollama Memory Leak Vulnerability Exposes 300,000 Servers Globally

A major security flaw has placed Ollama, one of the most widely used platforms for running local AI models, at risk of a high-profile exposure event. The issue, dubbed “Bleeding Llama,” allows unauthenticated attackers to access the Ollama process and extract sensitive data directly from memory, putting roughly 300,000 internet-facing servers worldwide at risk. With […]

Darkhub Hacking-for-Hire Portal Advertises Crypto Fraud, Message Interception, and Monitoring

A dark web platform calling itself Darkhub has surfaced on the Tor network, openly advertising hacking-for-hire services to anyone willing to pay. The platform presents itself as a one-stop shop for illegal cyber activity, with offerings ranging from breaking into social media accounts to intercepting private messages and manipulating financial records. What makes Darkhub notable […]

Hackers Use Microsoft Teams to Steal Credentials and Manipulate MFA

Iranian APT group MuddyWater deployed Chaos ransomware as a “false flag” in a sophisticated hybrid espionage campaign targeting Western organizations, bypassing encryption in favor of data theft and long-term persistence. In early 2026, Rapid7 incident responders were called into what initially appeared to be a routine Chaos ransomware intrusion, but forensic analysis quickly revealed something […]

Low Noise, High Confidence: Optimizing SOC Costs with Better Threat Intelligence

Robust defense systems are built on a clear understanding of current threats and the ability to translate it into consistent decisions and measurable outcomes at optimal cost. High-performing SOCs achieve this by eliminating unnecessary work and operationalizing threat data. At the core of this model lies threat intelligence that is:

Relevant to active threats
Actionable within existing workflows
Curated to reduce false alerts

Not all threat data sources meet these criteria. The difference becomes evident in how effectively they reduce investigation […]