Atlassian Confluence Data Center and Server instances infected with the Effluence backdoor through the exploitation of the critical vulnerability, tracked as CVE-2023-22515, remained compromised even after the application of issued patches, reports The Hacker News.
Operators of the BiBi wiper malware, initially reported to have been used to target Israeli firms' Linux systems amid the ongoing war between Israel and Palestinian militant group Hamas, have also developed a version of the payload aimed at Windows systems, according to The Hacker News.
Malicious Python packages spread BlazeStealer malware
Eight new Python packages masquerading as obfuscation tools have been used to facilitate the distribution of the BlazeStealer malware since January, The Hacker News reports.
Hackread reports that Microsoft Azure's Automation Service has been leveraged to create the first cryptocurrency miner that could not be detected by security systems.
Indian government organizations had their Windows and Linux systems subjected to two new attack campaigns by Pakistan-linked advanced persistent threat operation SideCopy, one of which involved the exploitation of a WinRAR security vulnerability, aimed at facilitating the deployment of various remote access trojans, The Hacker News reports.
Malware distribution on Android devices has been facilitated by the new SecuriDropper dropper-as-a-service operation by evading Android 13's "Restricted Settings" functionality to breach "Accessibility Services," BleepingComputer reports.
Israel had its education and tech organizations subjected to attacks by Iranian state-sponsored hacking operation Agonizing Serpens, also known as BlackShadow and Agrius, amid its ongoing war with Palestinian militant group Hamas, reports The Record, a news site by cybersecurity firm Recorded Future.