The Hacker News

XWorm 6.0 Returns with 35+ Plugins and Enhanced Data Theft Capabilities

XWorm V6.0 is designed to connect to its C2 server at 94.159.113 [.]64 on port 4411 and supports a command called "plugin" to run more than 35 DLL payloads on the infected host's memory and carry out ...
Krebs on Security

ShinyHunters Wage Broad Corporate Extortion Spree

A cybercriminal group that used voice phishing attacks to siphon more than a billion records from Salesforce customers earlier this year has launched a website that threatens to publish data stolen ...

This infamous ransomware has returned, and it's more dangerous than ever

XWorm resurfaces with versions 6.0–6.5, now maintained by alias XCoderToolsMalware includes RAT, ransomware, data theft, DoS, and over 35 modular pluginsTrellix reports rising VirusTotal samples; ...
SecurityWeek

Fortra GoAnywhere MFT Zero-Day Exploited in Ransomware Attacks

The Medusa ransomware operators exploited the GoAnywhere MFT vulnerability one week before patches were released.