Stealthy Phishing Campaign Exploits RMM Tools — Dark Reading

A sophisticated phishing campaign is leveraging remote monitoring and management (RMM) tools, specifically SimpleHelp and ScreenConnect, to evade detection. The attackers have targeted over 80 organizations, primarily using socially engineered messages. This method allows them to infiltrate systems undetected, posing a significant threat to enterprise security. Security teams should monitor for unusual RMM tool usage and strengthen phishing defenses.

MOVEit Automation Flaw Allows Authentication Bypass — The Hacker News

Progress Software has released patches for critical vulnerabilities in MOVEit Automation, including an authentication bypass flaw. This vulnerability could allow attackers to access systems without credentials, posing a high risk to data integrity and confidentiality. Affected versions should be updated immediately to mitigate potential exploitation. Organizations using MOVEit should prioritize this patch to protect sensitive data transfers.

Critical cPanel Vulnerability Exploited in Attacks — The Hacker News

A critical vulnerability in cPanel, a popular web hosting control panel, is being actively exploited by threat actors targeting government and MSP networks. This flaw allows attackers to execute unauthorized code, potentially compromising thousands of servers. Security teams should apply available patches and monitor for indicators of compromise to prevent unauthorized access and data breaches.

• Silver Fox Deploys ABCDoor Malware via Tax-Themed Phishing in India and Russia [The Hacker News]
• Weaver E-cology critical bug exploited in attacks since March [BleepingComputer]
• CISA says ‘Copy Fail’ flaw now exploited to root Linux systems [BleepingComputer]
• Over 40,000 Servers Compromised in Ongoing cPanel Exploitation - SecurityWeek [Google News Security]