Recent reports indicate that threat actor XE Group, likely of Vietnamese origin, is exploiting critical vulnerabilities in software products such as Progress Telerik UI and Advantive VeraCore. The group has shifted its focus from credit card skimming to targeting supply chains, using advanced tactics to maintain persistent remote access. Notably, vulnerabilities like CVE-2024-57968 and CVE-2025-25181 are utilized to deploy web shells for unauthorized access, posing significant risks to compromised systems and data integrity, as discovered in a recent analysis by cybersecurity firms Intezer and Solis Security.
XE Group transitioned from credit card skimming to targeted information theft, marking a significant shift in their operational priorities.
Their attacks now target supply chains in the manufacturing and distribution sectors, leveraging new vulnerabilities and advanced tactics.
Collection
[
|
...
]