More than 600 servers worldwide have been subjected to recent attacks with the Androxgh0st malware, reports Hackread.
The U.S., India, and Taiwan accounted for the bulk of the impacted servers, which were compromised by Androxgh0st malware operators through web shells deployed via the exploitation of several security vulnerabilities, including CVE-2019-2725, CVE-2021-3129, and CVE-2024-1709, a report from Veriti Research revealed.
Read more…
Source: SC Media
Related:
- US government warns Linux CVE-2024-1086 flaw is now being exploited for ransomware attacks
November 3, 2025
The US government is warning that a Linux flaw introduced more than a decade ago – and fixed more than a year ago – is being actively used in ransomware attacks. In February 2014, a vulnerability was introduced into the Linux kernel via a commit. The bug was first disclosed in late January 2024, and described ...
- Chicago firm that resolves ransomware attacks had rogue workers carrying out their own hacks
November 2, 2025
Rogue employees of a Chicago company that specializes in negotiating ransoms to mitigate cyber attacks were carrying out their own piracy in a plot to extort millions of dollars from a series of companies, prosecutors say. Kevin Tyler Martin, a ransomware threat negotiator for River North-based DigitalMint at the time of the alleged conspiracy, was among ...
- Ransomware gang claims Conduent breach: what you should watch for next [updated]
October 30, 2025
Updated – October 30, 2025: New information confirms that Conduent’s 2024 breach has impacted over 10.5 million people, based on notifications filed with multiple state attorneys general. The largest disclosure came from the Oregon government, which reported 10.5 million affected residents. Conduent provides technology services to several US state governments, including Medicaid, child support, and food ...
- The end of ransomware? Report claims the number of firms paying up is plummeting
October 28, 2025
The number of companies paying ransomware attackers for decryption keys and delete stolen files has plummeted, and now represents just 23% of all victims, new research has claims. In its report, Coveware said ransom payment rates across all impact scenarios – encryption, data exfiltration, and other extortion – fell to a “historical low” of 23% in ...
- The Golden Scale: Notable Threat Updates and Looking Ahead
October 20, 2025
Palo Alto Unit 42 recently published an Insights piece “The Golden Scale: Bling Libra and the Evolving Extortion Economy,” which primarily focused on the Salesforce data theft extortion activity. This was associated with the cybercriminal syndicate known as Scattered LAPSUS$ Hunters. Since early October 2025, the researchers have observed several notable developments within a Telegram channel ...
- Identifying and Mitigating Potential Velociraptor Abuse
October 9, 2025
Open-source technologies and communities are a big part of the Rapid7 ethos, and that’s not by chance – it’s by design. Rapid7 believe that their Metasploit, AttackerKB, and Velociraptor initiatives help create a strong threat intelligence foundation as well as a secure digital future for all. Unfortunately, the same open-source tools that help security teams ...