News - The Marron Group

China-Linked APT31 Launches Stealthy Cyberattacks on Russian IT Using Cloud Services

China-Linked APT31 Launches Stealthy Cyberattacks on Russian IT Using Cloud Services

Cyber Espionage / Cloud Security The China-linked advanced persistent threat (APT) group known as APT31 has been attributed to cyber attacks targeting the Russian information technology (IT) sector between [...]

Matrix Push C2 Uses Browser Notifications for Fileless, Cross-Platform Phishing Attacks

Matrix Push C2 Uses Browser Notifications for Fileless, Cross-Platform Phishing Attacks

Bad actors are leveraging browser notifications as a vector for phishing attacks to distribute malicious links by means of a new command-and-control (C2) platform called Matrix Push C2. "This [...]

Grafana Patches CVSS 10.0 SCIM Flaw Enabling Impersonation and Privilege Escalation

Grafana Patches CVSS 10.0 SCIM Flaw Enabling Impersonation and Privilege Escalation

Vulnerability / Threat Mitigation Grafana has released security updates to address a maximum severity security flaw that could allow privilege escalation or user impersonation under certain configurations. The vulnerability, [...]

ShadowRay 2.0 Exploits Unpatched Ray Flaw to Build Self-Spreading GPU Cryptomining Botnet

ShadowRay 2.0 Exploits Unpatched Ray Flaw to Build Self-Spreading GPU Cryptomining Botnet

Vulnerability / Cloud Computing Oligo Security has warned of ongoing attacks exploiting a two-year-old security flaw in the Ray open-source artificial intelligence (AI) framework to turn infected clusters with [...]

Hackers Actively Exploiting 7-Zip Symbolic Link–Based RCE Vulnerability (CVE-2025-11001)

Hackers Actively Exploiting 7-Zip Symbolic Link–Based RCE Vulnerability (CVE-2025-11001)

Vulnerability / Threat Intelligence A recently disclosed security flaw impacting 7-Zip has come under active exploitation in the wild, according to an advisory issued by the U.K. NHS England [...]

Sneaky 2FA Phishing Kit Adds BitB Pop-ups Designed to Mimic the Browser Address Bar

Sneaky 2FA Phishing Kit Adds BitB Pop-ups Designed to Mimic the Browser Address Bar

The malware authors associated with a Phishing-as-a-Service (PhaaS) kit known as Sneaky 2FA have incorporated Browser-in-the-Browser (BitB) functionality into their arsenal, underscoring the continued evolution of such offerings and [...]

New EVALUSION ClickFix Campaign Delivers Amatera Stealer and NetSupport RAT

New EVALUSION ClickFix Campaign Delivers Amatera Stealer and NetSupport RAT

Cybersecurity researchers have discovered malware campaigns using the now-prevalent ClickFix social engineering tactic to deploy Amatera Stealer and NetSupport RAT. The activity, observed this month, is being tracked by [...]

RondoDox Exploits Unpatched XWiki Servers to Pull More Devices Into Its Botnet

RondoDox Exploits Unpatched XWiki Servers to Pull More Devices Into Its Botnet

Malware / Vulnerability The botnet malware known as RondoDox has been observed targeting unpatched XWiki instances against a critical security flaw that could allow attackers to achieve arbitrary code [...]

Five Plead Guilty in U.S. for Helping North Korean IT Workers Infiltrate 136 Companies

Five Plead Guilty in U.S. for Helping North Korean IT Workers Infiltrate 136 Companies

The U.S. Department of Justice (DoJ) on Friday announced that five individuals have pleaded guilty to assisting North Korea's illicit revenue generation schemes by enabling information technology (IT) worker [...]

North Korean Hackers Turn JSON Services into Covert Malware Delivery Channels

North Korean Hackers Turn JSON Services into Covert Malware Delivery Channels

Malware / Threat Intelligence The North Korean threat actors behind the Contagious Interview campaign have once again tweaked their tactics by using JSON storage services to stage malicious payloads. [...]

Contact Us