The Hacker News

MS Exchange Server Flaws Exploited to Deploy Keylogger in Targeted Attacks

An unknown threat actor is exploiting known security flaws in Microsoft Exchange Server to deploy a keylogger malware in attacks targeting entities in Africa and the Middle East. Russian cybersecurity firm Positive Technologies said it identified over 30 victims spanning government agencies, banks, IT companies, and educational institutions. The first-ever compromise dates back to 2021. "This

Naked Security

LastPass: Keylogger on home PC led to cracked corporate password vault

Seems the crooks implanted a keylogger via a vulnerable media app (LastPass politely didn't say which one!) on a developer's home computer.