A security vulnerability has been identified by the Qualys Threat Research Unit (TRU), revealing a chain of local… The post Critical Flaw Uncovered in SUSE Linux- Full Root Access at Risk appeared first on Hackers Online Club. This article has…
Category: EN
Qilin Emerges as a New Dominant Ransomware Attacking Windows, Linux, and ESXi Systems
Cybersecurity experts are raising alarms as a sophisticated new ransomware strain named Qilin has rapidly gained prominence in the threat landscape, demonstrating unprecedented cross-platform capabilities. The malware has been observed successfully compromising Windows workstations, Linux servers, and VMware ESXi hypervisors…
DMV-Themed Phishing Attacks Targeting U.S. Citizens to Steal Sensitive Data
A sophisticated phishing campaign targeting American citizens has emerged, exploiting the trusted reputation of state Departments of Motor Vehicles to harvest sensitive personal and financial information. In May 2025, cybercriminals launched a coordinated attack that impersonated multiple U.S. state DMVs,…
BlackHat AI Hacking Tool WormGPT Variant Powered by Grok and Mixtral
New variants of the notorious WormGPT hacking tool are emerging, now powered by commercial AI models like xAI’s Grok and Mistral AI’s Mixtral for malicious operations. The original WormGPT emerged in June 2023 as an uncensored generative AI tool built…
U.S. CISA adds Linux Kernel flaw to its Known Exploited Vulnerabilities catalog
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Linux Kernel vulnerability to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Google Chromium V8 Out-of-Bounds Read and Write Vulnerability, tracked as CVE-2023-0386, to its Known Exploited Vulnerabilities (KEV)…
From Frankenstack to Framework: How MSPs Can Build Simpler, Smarter Security with Ross Brouse
Welcome back to the MSP Security Playbook. In today’s episode, we’re diving deep into one of the most persistent challenges MSPs face: balancing layered security with operational simplicity. From tool sprawl and alert fatigue to vendor bloat and agent overload,…
Linux Security: New Flaws Allow Root Access, CISA Warns of Old Bug Exploitation
Qualys has disclosed two Linux vulnerabilities that can be chained for full root access, and CISA added a flaw to its KEV catalog. The post Linux Security: New Flaws Allow Root Access, CISA Warns of Old Bug Exploitation appeared first…
WormGPT Makes a Comeback Using Jailbroken Grok and Mixtral Models
Cato CTRL uncovers new WormGPT variants on Telegram powered by jailbroken Grok and Mixtral. Learn how cybercriminals jailbreak top LLMs for uncensored, illegal activities in this latest threat research. This article has been indexed from Hackread – Latest Cybersecurity, Hacking…
DMV-Style Phishing Scams Target U.S. Citizens to Harvest Sensitive Information
A highly coordinated phishing campaign surfaced, targeting U.S. citizens by impersonating various state Departments of Motor Vehicles (DMVs). This widespread attack utilized SMS phishing, or “smishing,” as its primary delivery vector, bombarding victims with alarming text messages about fictitious unpaid…
RapperBot Botnet Surges with 50,000+ Attacks Targeting Network Edge Devices
The RapperBot botnet has resurfaced with unprecedented aggression, targeting network edge devices in a staggering series of over 50,000 attacks. Identified and detailed by researchers at Qianxin XLab, this botnet represents a sophisticated threat to Internet of Things (IoT) ecosystems,…
AdaCore and CodeSecure Merge to Form a Global Company Providing Embedded Software Security and Safety Solutions
[New York, US, 06/18/25] AdaCore, which provides software development tools for mission-critical systems, and embedded software security company CodeSecure, today announced a definitive merger agreement. The merger creates a unified company committed to advancing software safety, security, and reliability across…
Chaining two LPEs to get “root”: Most Linux distros vulnerable (CVE-2025-6018, CVE-2025-6019)
Qualys researchers have unearthed two local privilege escalation vulnerabilities (CVE-2025-6018, CVE-2025-6019) that can be exploited in tandem to achieve root access on most Linux distributions “with minimal effort.” About the vulnerabilities (CVE-2025-6018, CVE-2025-6019) CVE-2025-6018 affects the Pluggable Authentication Modules (PAM)…
ClickFix Helps Infostealers Use MHSTA for Defense Evasion
ClickFix techniques are enabling threat actors to bypass defenses using tools like MSHTA, says ReliaQuest This article has been indexed from www.infosecurity-magazine.com Read the original article: ClickFix Helps Infostealers Use MHSTA for Defense Evasion
Iran Asks Citizens To Delete WhatsApp
Iranian authorities urge citizens to remove WhatsApp form their smartphones, amid military strikes with Israel This article has been indexed from Silicon UK Read the original article: Iran Asks Citizens To Delete WhatsApp
VMware Unveils Cloud Foundation 9.0 With AI and Next-Gen Workloads
VMware has officially announced the general availability of VMware Cloud Foundation (VCF) 9.0, marking a significant leap in private cloud technology designed to meet the demands of AI, data-intensive workloads, and modern enterprise operations. For years, organizations faced a stark…
News Flodrix botnet targets vulnerable Langflow servers
Attackers exploit CVE-2025-3248 in Langflow servers to deliver Flodrix botnet via downloader scripts, Trend Research reports. Trend Research uncovered an ongoing campaign exploiting the vulnerability CVE-2025-3248 to deliver the Flodrix botnet. Attackers exploit the flaw to run scripts on Langflow…
VMware Cloud Foundation 9.0 Released With Modern Workloads & AI Services
VMware has officially launched Cloud Foundation 9.0, marking a significant evolution in private cloud technology. Released on June 17, 2025, this major update redefines what a modern private cloud platform can deliver by combining public cloud flexibility with on-premises control,…
SCATTERED SPIDER Using Aggressive Social Engineering Techniques to Deceive IT Support Teams
A wave of sophisticated cyberattacks has swept across major organizations in the UK and US, with sectors ranging from hospitality and telecommunications to finance and retail falling victim to a threat actor known as SCATTERED SPIDER. Unlike traditional ransomware groups…
Jumio Liveness Premium combats deepfakes and injection attacks
Jumio launched Jumio Liveness Premium with advanced deepfake detection, the company’s most advanced biometric liveness detection solution to date. Jumio’s premium solution leverages a patented Jumio technology, combining randomized color sequences and AI-driven analysis to confirm human presence in real…
Water Curse Hijacks 76 GitHub Accounts to Deliver Multi-Stage Malware Campaign
Cybersecurity researchers have exposed a previously unknown threat actor known as Water Curse that relies on weaponized GitHub repositories to deliver multi-stage malware. “The malware enables data exfiltration (including credentials, browser data, and session tokens), remote access, and long-term persistence…