They're called watering hole attacks, and in addition to being a longstanding threat they've been behind several high-profile incidents lately. The most infamous watering hole attack in recent ...

Researchers uncover a watering hole attack likely carried out by APT TA423, which attempts to plant the ScanBox JavaScript-based reconnaissance tool. A China-based threat actor has ramped up ...

Between November 2023 and July 2024, the attackers compromised Mongolian government websites and used the access to conduct “watering hole” attacks, in which anyone with a vulnerable device ...

The threat actor combined a watering hole attack strategy with an exploit for a vulnerability in a file transfer client that is required in South Korea to complete certain financial and ...

This tactic is known as a watering hole attack, in which a legit site that valuable netizens often visit is compromised so it can be used to in turn compromise those targets. You may remember ...

A new watering hole attack has been discovered targeting macOS users and visitors of a pro-democracy radio station website in Hong Kong and infecting them with the DazzleSpy malware ...

When I used to try to break into companies, we used a watering hole attack: You go to the bar where the employees go, you go to the office building or bathroom where the employees go, and you drop ...

Google LLC’s Threat Analysis Group today shared details on multiple observed in-the-wild exploit campaigns that used watering-hole attacks on Mongolian government websites between November 2023 ...