'DripDropper' Hackers Patch Their Own Exploit

Threat Score:

Dark Reading

1 day ago

Part of cluster #2053

Overview

An attacker is breaking into Linux systems via a widely abused 2-year-old vulnerability in Apache ActiveMQ, installing malware and then patching the flaw....

Continue Reading on Original Site

5 articles

How Warlock Ransomware Targets Vulnerable SharePoint Servers

Dark Reading • 5 hours ago

Researchers highlight how Warlock, a new ransomware heavyweight, uses its sophisticated capabilities to target on-premises SharePoint instances.

Score

Russian State Hackers Exploit 7-Year-Old Cisco Router Vulnerability

Hackread • 5 hours ago

FBI and Cisco warn Russian hackers are exploiting a 7-year-old Cisco Smart Install vulnerability on outdated routers and…

Score

Stop Reacting; Start Anticipating: The Global State of Threat Intelligence

Brighttalk • 11 hours ago

Presented by Jitin Shabadu, Forrester Analyst | Jayce Nichols, Director, Intelligence Solutions, Google Threat Intelligence Group

Score

Apple fixes zero-day vulnerability exploited in “extremely sophisticated attack” (CVE-2025-43300)

Feeds2 • 6 hours ago

Apple fixes zero-day vulnerability exploited in “extremely sophisticated attack” (CVE-2025-43300) Apple has fixed yet another vulnerability (CVE-2025-43300) that has apparently been exploited as a zero-day “in an extremely sophisticated attack against specific targeted individuals.” CVE-2025-43300 CVE-2025-43300 is anout-of-bounds writeissue that could be triggered by a vulnerable device processing a malicious image file, leading to exploitable memory corruption. The vulnerability affects theIma

Score

At least three UK organizations hit by SharePoint zero-day hacking campaign

Therecord • 13 hours ago

At least three British organizations have reported to the country’s data protection regulator that hackers exploited bugs affecting on-premise Microsoft SharePoint servers.

Score

PLATFORMS

Apache

Apache ActiveMQ

Linux

ATTACK TYPES

Malware Deployment

Remote Code Execution

Unauthorized Access

MITRE ATT&CK

T1059

T1059.003

T1068

T1071

T1071.001

MALWARE

DripDropper

VULNERABILITIES

Remote Code Execution

CVES

CVE-2023-46604

COMPANIES

Apache Software Foundation

Red Canary

INDUSTRIES

Cloud Services

Cybersecurity

Technology

ARTICLE INFORMATION

Article #12459

Published 1 day ago

Dark Reading

THREAT HUNTING

THREAT INTELLIGENCE

BUSINESS INTELLIGENCE

Save to Folder

Article Intelligence

THREAT HUNTING

THREAT INTELLIGENCE

BUSINESS INTELLIGENCE

Overview

Related Articles

How Warlock Ransomware Targets Vulnerable SharePoint Servers

Russian State Hackers Exploit 7-Year-Old Cisco Router Vulnerability

Stop Reacting; Start Anticipating: The Global State of Threat Intelligence

Apple fixes zero-day vulnerability exploited in “extremely sophisticated attack” (CVE-2025-43300)

At least three UK organizations hit by SharePoint zero-day hacking campaign

Save to Folder

Article Intelligence

We use cookies

Cookie Settings

Essential Cookies

Analytics Cookies

Performance Cookies

Marketing Cookies