top of page

Threat Intelligence Cybersecurity Hacking News July 30, 2021

Updated: Nov 26, 2021

Top Breaches Reported in the Last 24 Hours

Iranian railway system hacked

Cybersecurity researcher at SentinelOne’s security has disclosed that a cyberattack that brought down Iran's national railways earlier in July it's involved a new reusable wiper malware also known as Meteor.

Chipotle's Account for Phishing Attacks

An email marketing account belongs to Chipotle has been hacked by cybercriminals in a phishing attack campaign. During the phishing operation, almost more than 120 malicious emails were sent from a hacked Mailgun account. American businesses used this account for marketing purposes. ([].

Transnet hit cyberattack

South Africa’s ports and the freight rail operator were hit by a ransomware attack with a strain of ransomware called Death Kitty

Top Malware Reported in the Last 24 Hours

Threat Spotlight: Solarmarker

Cybersecurity researchers are closely tracking a SolarMarker Campaign that dates back to September 2020. Malware is capable of hacked sensitive data such as credit card details. As per know, researchers collected the evidence.


On July 21, 2021, Malwarebytes Labs identified a sophisticated suspicious document name “Манифест.docx” (“Manifest.docx”) Malware is capable of accessing files stored in compromised windows system downloading and executing malicious payloads still its is not disclosed who might be behind this attack.

Eight malicious Python packages

Researchers found eight malicious Python packages that we downloaded almost more than 30,000 times have been removed from the PyPI repository for containing malicious code. The malicious packages code could allow the hacker to spread malware through typosquatting, dependency confusion, or simple social engineering attacks. The eight malicious packages are pytagora, pytagora2, noblesse, genesisbot, are, sufferm noblesse2, and noblessev2.

BazaLoader Malware

Cybersecurity experts from Microsoft Uncovered a malicious campaign dubbed as BazaCall. Ongoing malware campaign that traps the victims into downloading the BazarLoader malware on their systems. The attack malware campaign leverages bogus call centers and phishing emails to target victims. The main motive of hackers is to distribute ransomware and hack confidential data and credentials.

Active Cozy Bear C2 servers

RiskIQ reported major sophisticated malware having identified more than thirty active APT29 commands and control (C2) servers.

(The Dukes, Yttrium, Cozy Bear), which the US government associates with Russia’s Foreign Intelligence Service (SVR), actively serving malware (WellMess, WellMail). This malware was previously used in espionage campaigns targeting COVID-19 research in the UK, US, and Canada.

Top Vulnerabilities Reported in the Last 24 Hours

Flawed Download Manager plugin

Recently vulnerability in the WordPress Download Manager Plugin could be abused to execute arbitrary code under specific configurations. Tracked as CVE-2021-34639 and having a CVSS score of 7.5, just because of flaws hackers are able to upload files with php4 extensions as files that might be executed under certain circumstances.

Top Scams Reported in the Last 24 Hours

PayPal Phishing Cofense Phishing Defense Center analysts have disclosed a new phishing campaign that stealing account details. The email contains a phishing link that leads recipients to a bogus PayPal live chat page.


bottom of page