Category: GBHackers Security | #1 Globally Trusted Cyber Security News Platform

Serious vulnerabilities in Zimbra Collaboration Suite (ZCS), a popular enterprise email and collaboration platform, have raised alarm in the cybersecurity community. Security researchers have identified several critical flaws that allow attackers to access sensitive data and compromise user accounts. With…

Read more →

Linus Torvalds, lead developer of the Linux kernel, announced the second release candidate (rc2) of Linux Kernel 6.14, providing developers and enthusiasts with a glimpse at the latest updates and fixes in the kernel’s development cycle. The announcement was made…

Read more →

The Tor Project has officially unveiled Tor Browser 14.0.6, now accessible for download from the Tor Browser download page and its distribution directory. The latest update introduces critical fixes and enhancements, ensuring a smoother and more secure browsing experience for users. Here’s a detailed…

Read more →

A newly discovered vulnerability in AnyDesk, the popular remote desktop software, has sparked serious cybersecurity concerns. Identified as CVE-2024-12754 and tracked under ZDI-24-1711, this flaw allows local attackers to exploit a mechanism to handle Windows background images, potentially escalating their…

Read more →

United Kingdom has reportedly ordered Apple to create a backdoor allowing access to all encrypted content stored in its iCloud service. The demand, issued under the U.K.’s controversial Investigatory Powers Act of 2016, has raised alarm among privacy advocates and…

Read more →

Semantic communication systems, powered by Generative AI (GAI), are transforming the way information is transmitted by focusing on the meaning of data rather than raw content. Unlike traditional communication methods, these systems encode semantic features such as text, images, or…

Read more →

Large Language Models (LLMs) are transforming penetration testing (pen testing), leveraging their advanced reasoning and automation capabilities to simulate sophisticated cyberattacks. Recent research demonstrates how autonomous LLM-driven systems can effectively perform assumed breach simulations in enterprise environments, particularly targeting Microsoft…

Read more →

A recent wave of cyberattacks has revealed the exploitation of Microsoft Internet Information Services (IIS) servers by threat actors deploying the BadIIS malware. This campaign, attributed to Chinese-speaking groups, leverages IIS vulnerabilities to manipulate search engine optimization (SEO) rankings and…

Read more →

Cybercriminals are increasingly exploiting image and video files to deliver malware, leveraging advanced techniques like steganography and social engineering. These methods allow attackers to embed malicious code within seemingly harmless multimedia files, bypassing traditional security measures and deceiving unsuspecting users.…

Read more →

A critical zero-day vulnerability has been discovered in Microsoft Sysinternals tools, posing a serious security threat to IT administrators and developers worldwide. The vulnerability enables attackers to exploit DLL injection techniques to execute malicious code, putting systems at risk of compromise. Despite being disclosed…

Read more →

The National Security Agency (NSA) has officially released Ghidra 11.3, the latest iteration of its open-source software reverse engineering (SRE) framework. Known for its robust capabilities in analyzing compiled code across multiple platforms, including Windows, macOS, and Linux, this release…

Read more →

A new wave of scareware attacks has emerged, targeting unsuspecting mobile users with fake antivirus applications designed to exploit fear and trick victims into downloading malicious software. Scareware, a type of digital fraud, employs social engineering tactics to alarm users…

Read more →

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a critical 0-day vulnerability affecting the popular file compression utility, 7-Zip, to its Known Exploited Vulnerabilities (KEV) Catalog. The vulnerability, identified as CVE-2025-0411, highlights a severe flaw that allows attackers…

Read more →

A critical security vulnerability has been identified and disclosed in the Logsign Unified SecOps Platform, allowing remote attackers to bypass authentication mechanisms. The vulnerability tracked as CVE-2025-1044, has been assigned a CVSS score of 9.8, placing it in the “Critical” severity…

Read more →

Check Point Research (CPR) has revealed that cybercriminals are increasingly leveraging the newly launched AI models, DeepSeek and Qwen, to create malicious content. These models, which lack robust anti-abuse provisions, have quickly become a preferred choice for threat actors over…

Read more →

In a concerning development for the machine learning (ML) community, researchers from ReversingLabs have uncovered malicious ML models on the Hugging Face platform, a popular hub for AI collaboration. Dubbed “nullifAI,” this novel attack method leverages vulnerabilities in the widely…

Read more →

A newly discovered phishing campaign is using fake Facebook copyright infringement notices to trick users into divulging their credentials, potentially compromising business accounts. Phishing Campaign Exploits Facebook Brand to Target Businesses Researchers at Check Point Software Technologies revealed that this…

Read more →

Cybercriminals are actively exploiting vulnerabilities in SimpleHelp Remote Monitoring and Management (RMM) software to infiltrate networks, create unauthorized administrator accounts, and deploy malware, including the Sliver backdoor. These flaws, identified as CVE-2024-57726, CVE-2024-57727, and CVE-2024-57728, were disclosed in early January…

Read more →

A federal grand jury has indicted Linwei Ding, also known as Leon Ding, a former Google software engineer, on four counts of theft of trade secrets. The charges stem from allegations that Ding stole proprietary artificial intelligence (AI) technologies from…

Read more →

Dell Technologies has issued a security advisory (DSA-2025-047) to address a vulnerability in the Dell Update Manager Plugin (UMP) that could expose sensitive data to malicious actors. The flaw, identified as CVE-2025-22402, is categorized as a low-risk issue but requires immediate attention and…

Read more →

DeepSeek iOS app—a highly popular AI assistant recently crowned as the top iOS app since its January 25 release—has been discovered to transmit sensitive user data to ByteDance servers without encryption.  The security flaws, uncovered by mobile app security firm…

Read more →

Hewlett Packard Enterprise (HPE) has issued a high-priority security bulletin addressing multiple vulnerabilities in its Aruba ClearPass Policy Manager (CPPM). These flaws, which range from unauthorized access to arbitrary code execution, could allow attackers to compromise affected systems. Organizations relying…

Read more →

Splunk has unveiled DECEIVE (DECeption with Evaluative Integrated Validation Engine), an innovative, AI-augmented honeypot that mimics real-world systems to lure and study cyber attackers. By leveraging advanced artificial intelligence, DECEIVE provides organizations with a powerful means of tracking, analyzing, and understanding malicious…

Read more →

Microsoft has raised alarms about a new cyber threat involving ViewState code injection attacks exploiting publicly disclosed ASP.NET machine keys to compromise ISS web servers. Microsoft has identified over 3,000 publicly disclosed keys vulnerable to ViewState code injection attacks. Unlike…

Read more →

The Abyss Locker ransomware, a relatively new but highly disruptive cyber threat, has been actively targeting critical network devices, including VMware ESXi servers, since its emergence in 2023. This ransomware group employs sophisticated tactics to infiltrate corporate networks, exfiltrate sensitive…

Read more →

Spanish authorities have arrested a hacker believed to be responsible for cyberattacks targeting over 40 public and private organizations globally. The suspect, apprehended on Tuesday in Calpe (Alicante), allegedly compromised sensitive data and disrupted critical services, including government agencies, international…

Read more →

Paragon Solutions, an Israeli cybersecurity firm, has reportedly ended its spyware contract with Italy. The termination comes in the wake of revelations that its military-grade hacking software, Graphite, was allegedly used to target 90 individuals, including journalists and activists, across…

Read more →

Cybersecurity experts are raising alarms over a new wave of attacks targeting Windows users in India, driven by the Lumma Stealer malware. This advanced information-stealing malware is being distributed through fake CAPTCHA verification pages, a deceptive tactic that preys on…

Read more →

OpenAI may have become the latest high-profile target of a significant data breach. A threat actor has surfaced on underground forums, claiming possession of email and password credentials for a staggering 20 million OpenAI accounts. This alleged breach has raised…

Read more →

A recently disclosed vulnerability in F5’s BIG-IP systems has raised alarm within the cybersecurity community. The flaw, designated CVE-2025-21091, enables remote attackers to exploit SNMP configuration issues, potentially leading to Denial-of-Service (DoS) attacks on affected systems. This vulnerability, which carries a CVSS v4.0 score…

Read more →

A new wave of cyberattacks orchestrated by the North Korea-linked Lazarus Group has been identified, leveraging fake LinkedIn job offers to infiltrate organizations and deliver sophisticated malware. Reports from cybersecurity firms, including Bitdefender, reveal that this campaign targets professionals across…

Read more →

Cybersecurity experts have identified an alarming trend of cybercriminals exploiting ConnectWise ScreenConnect, a widely-used Remote Monitoring and Management (RMM) tool, to establish persistent access to compromised systems. Threat Actors Exploit Legitimate Software for Malicious Gains Silent Push Threat Analysts and…

Read more →

Cisco has disclosed multiple vulnerabilities in its Simple Network Management Protocol (SNMP) subsystem affecting Cisco IOS, IOS XE, and IOS XR software. These flaws, identified as high-severity, could allow an authenticated remote attacker to trigger Denial-of-Service (DoS) conditions, disrupting network…

Read more →

A sophisticated malware campaign, dubbed “FatBoyPanel,” has been uncovered by cybersecurity researchers, targeting users of Indian banks. This campaign, consisting of nearly 900 malware samples, is designed to steal sensitive financial and personal information, including Aadhaar numbers, PAN cards, ATM…

Read more →

In a concerning development, the North Korean-backed hacking group Kimsuky has intensified its use of custom-built tools to exploit Remote Desktop Protocol (RDP) for controlling compromised systems. AhnLab Security Intelligence Center (ASEC) reports that the group has developed a proprietary…

Read more →

A recently discovered zero-day vulnerability in the Mobile Security Framework (MobSF) has raised alarms in the cybersecurity community. The vulnerability, which allows attackers to cause a partial Denial of Service (DoS) on scan results and the iOS Dynamic Analyzer functionality,…

Read more →

Cybersecurity enthusiasts and IT administrators worldwide are voicing concerns over a newly discovered vulnerability in AnyDesk that could lead to local privilege escalation (LPE). The vulnerability, identified as CVE-2024-12754 and coordinated by Trend Micro’s Zero Day Initiative, allows attackers to weaponize Windows…

Read more →

The Wallarm Security Research Team unveiled a new jailbreak method targeting DeepSeek, a cutting-edge AI model making waves in the global market. This breakthrough has exposed DeepSeek’s full system prompt—sparking debates about the security vulnerabilities of modern AI systems and…

Read more →

Ubuntu has announced its availability on Microsoft’s new tar-based Windows Subsystem for Linux (WSL) distribution architecture. This enhancement simplifies deployment and improves scalability, making Ubuntu on WSL more accessible and optimized for enterprise environments. Ubuntu has long been a popular…

Read more →

Cybercriminals are increasingly leveraging artificial intelligence (AI) agents to validate stolen credit card data, posing a significant threat to financial institutions and consumers. These AI-powered systems, originally designed for legitimate automation tasks, are being repurposed to execute card testing attacks…

Read more →

A sophisticated malware campaign, dubbed SparkCat, has infiltrated Google Play and Apple’s App Store, marking the first known instance of an optical character recognition (OCR)-based cryptocurrency stealer on iOS. According to cybersecurity firm Kaspersky, the malware has been downloaded over…

Read more →

The BADBOX botnet, a sophisticated malware operation targeting Android-based devices, has now infected over 192,000 systems globally. Originally confined to low-cost and off-brand devices, the malware has expanded its reach to include well-known brands such as Yandex 4K QLED TVs…

Read more →

Threat actors are increasingly leveraging free email services to infiltrate government and educational institutions, exploiting these platforms’ accessibility and widespread use. Increasing Sophistication in Cyber Threats Recent investigations reveal that advanced persistent threat (APT) groups, such as GreenSpot, have employed…

Read more →

A significant zero-day vulnerability has been uncovered in Microsoft Sysinternals tools, posing a severe risk to Windows systems. These widely-used utilities, essential for IT administrators and developers, are now susceptible to DLL injection attacks due to flaws in their dynamic…

Read more →

Cybercriminals are increasingly leveraging artificial intelligence (AI) agents to validate stolen credit card data, posing a significant threat to financial institutions and consumers. These AI-powered systems, originally designed for legitimate automation tasks, are being repurposed to execute card testing attacks…

Read more →

IBM recently disclosed a series of significant security vulnerabilities in its Cloud Pak for Business Automation platform, raising alarms about the potential exposure of sensitive data to malicious actors. The security issues, detailed in an official bulletin published on February…

Read more →

A critical privilege escalation vulnerability in Apple’s macOS kernel has been revealed, posing a significant risk to users. The flaw, identified as CVE-2025-24118, affects multiple versions of macOS, iPadOS, and macOS Sequoia. Security researcher Joseph Ravichandran (@0xjprx) from MIT CSAIL brought this issue…

Read more →

Netgear has addressed critical security vulnerabilities in several of its popular router models that could allow hackers to execute remote code without authentication. If not resolved promptly, these vulnerabilities pose a significant risk to affected devices, potentially enabling malicious actors…

Read more →

The Cybersecurity and Infrastructure Security Agency (CISA) has updated its Known Exploited Vulnerabilities Catalog with several critical security flaws, prompting heightened vigilance among organizations using affected software platforms. Among these newly added vulnerabilities are severe flaws in Apache OFBiz, Microsoft…

Read more →

Amid the surging popularity of DeepSeek, a cutting-edge AI reasoning model from an emerging Chinese startup, cybercriminals have wasted no time leveraging the widespread attention to launch fraudulent schemes. While the innovative AI tool has captivated global audiences, its meteoric…

Read more →

Several critical vulnerabilities affecting Mali Graphics Processing Units (GPUs) have surfaced, allowing hackers to exploit flaws in GPU drivers to gain full control of devices. The vulnerabilities tracked as CVE-2022-22706 and CVE-2021-39793, expose millions of devices to privilege escalation attacks, enabling attackers to…

Read more →

A sophisticated cyber espionage campaign attributed to the Chinese hacking group DaggerFly has been identified, targeting Linux systems through an advanced Secure Shell (SSH) backdoor known as ELF/Sshdinjector.A!tr. This malware, part of a broader attack framework, compromises Linux-based network appliances…

Read more →

Hackers are targeting organizations using Microsoft’s Active Directory Federation Services (ADFS) to bypass multi-factor authentication (MFA) and infiltrate critical systems. Leveraging phishing techniques, these attackers deceive users with spoofed login pages, harvest credentials, and manipulate ADFS integrations to gain unauthorized…

Read more →

The Cybersecurity and Infrastructure Security Agency (CISA) has released nine advisories targeting security vulnerabilities in Industrial Control Systems (ICS). These vulnerabilities pose significant risks, including denial of service (DoS), information disclosure, and even remote code execution. Organizations using ICS technologies…

Read more →

In a concerning revelation, cybersecurity firm eSentire’s Threat Response Unit (TRU) has detected active exploitation of a six-year-old vulnerability, CVE-2019-18935, in Progress Telerik UI for ASP.NET AJAX. This flaw, which affects Internet Information Services (IIS) servers, enables malicious actors to…

Read more →

A critical vulnerability, CVE-2025-23114, has been discovered within the Veeam Updater component that poses a serious risk to organizations utilizing Veeam’s backup solutions. The flaw allows attackers to leverage a Man-in-the-Middle (MitM) attack to inject and execute arbitrary code with…

Read more →

The Cybersecurity and Infrastructure Security Agency (CISA) has unveiled a new set of guidelines to fortify firewalls, routers, internet-facing servers, and other edge devices against cyber threats. This collaborative guidance, supported by leading international cybersecurity organizations, aims to address vulnerabilities…

Read more →

On February 3, 2025, Google published its February Android Security Bulletin, which addresses a total of 47 vulnerabilities affecting Android devices. Among these, a critical flaw in the Linux kernel’s USB Video Class (UVC) driver, tracked as CVE-2024-53104, has been…

Read more →

A recently disclosed security vulnerability in the Voyager PHP package, a popular tool for managing Laravel applications, has raised significant concerns regarding the potential for remote code execution (RCE) on affected servers. This vulnerability, identified through ongoing security scans using…

Read more →

In a recent security advisory, a moderate-severity vulnerability has been identified in Apache Cassandra, potentially allowing unauthorized users to access restricted data centers or IP/CIDR groups. This flaw, designated CVE-2025-24860, affects multiple versions of the database management system, specifically those…

Read more →

As cyber threats grow more sophisticated, ANY.RUN has unveiled a series of updates aimed at improving malware detection, analysis, and overall performance of its platform. These updates, implemented in January 2025, focus on optimizing the platform’s core functionality, enhancing detection…

Read more →

SpyCloud, a leading identity threat protection company, has unveiled key innovations in its portfolio, driving a shift towards holistic identity security. By leveraging its vast collection of darknet data and automated identity analytics, SpyCloud correlates malware, phishing, and breach exposures…

Read more →

A recent report by Proofpoint has revealed an alarming trend of cybercriminals exploiting HTTP client tools to target Microsoft 365 accounts. These tools, originally designed for legitimate use, are now being repurposed for large-scale account takeover (ATO) attacks, employing tactics…

Read more →

A new strain of Fully Undetectable (FUD) macOS malware, dubbed “Tiny FUD,” has emerged, showcasing sophisticated evasion techniques capable of bypassing antivirus and macOS security frameworks, including Gatekeeper and System Integrity Protection (SIP). The malware employs advanced methods, such as…

Read more →

SmartApeSG, a FakeUpdate cyber threat, has emerged as a significant vector for delivering NetSupport RAT, a maliciously exploited remote administration tool. The campaign ensnares victims by tricking them into downloading fake browser updates, ultimately enabling attackers to gain unauthorized access…

Read more →

Amazon Web Services (AWS) has announced significant updates to its popular data warehousing service, Amazon Redshift, with the introduction of enhanced security features aimed at minimizing data leaks and unauthorized access. These new default settings strengthen the security posture of…

Read more →

Apple, one of the most trusted technology brands in the world, recently faced a critical security exposure in its service ticket portal. The vulnerability, discovered by a tech enthusiast while submitting a repair request uncovered severe flaws in Apple’s system…

Read more →

A new macOS malware variant, dubbed “FlexibleFerret,” has been identified targeting developers and job seekers as part of an ongoing North Korean phishing campaign. Despite Apple’s recent signature updates to its XProtect malware detection tool, this latest variant demonstrates the…

Read more →

A new endpoint detection and response (EDR) evasion technique has been identified that allows attackers with low-privilege access to bypass detection and operate under the radar. Unlike traditional evasion methods that require high privileges, this method exploits masquerading to deceive…

Read more →

In a significant advancement in AI safety, the Anthropic Safeguards Research Team has introduced a cutting-edge framework called Constitutional Classifiers to defend large language models (LLMs) against universal jailbreaks. This pioneering approach demonstrates heightened resilience to malicious inputs while maintaining…

Read more →

The Positive Technologies Expert Security Center (PT ESC) recently uncovered a malicious campaign targeting the Python Package Index (PyPI) repository. The campaign involved two packages, named deepseeek and deepseekai, designed to collect sensitive user data and environment variables. These packages…

Read more →

A concerning uptick in cyberattacks has emerged with ValleyRAT, a Remote Access Trojan (RAT) linked to the Silver Fox advanced persistent threat (APT) group. The malware is now employing innovative delivery techniques to infiltrate organizational networks, targeting finance and accounting…

Read more →

Linus Torvalds, the creator of Linux, announced the release of the first release candidate (rc1) for the Linux Kernel 6.14 in an official email on Sunday, February 2, 2025. This marks the end of the merge window for the new…

Read more →

A Canadian man has been charged with exploiting decentralized finance (DeFi) protocols to steal approximately $65 million from unsuspecting investors.  A five-count criminal indictment, unsealed today in a federal court in New York, accuses 22-year-old Andean Medjedovic of targeting vulnerabilities…

Read more →

Dell has released a Critical Security Update (DSA-2025-022) for its PowerProtect Data Domain (DD) systems to address multiple vulnerabilities that could allow attackers to compromise affected systems. These vulnerabilities, identified in various components and open-source dependencies, highlight the importance of timely patching…

Read more →

A critical Cross-Site Scripting (XSS) vulnerability has been discovered in the popular open-source webmail client, Roundcube, potentially exposing users to serious security risks. Tracked as CVE-2024-57004, the flaw affects Roundcube Webmail version 1.6.9 and allows remote authenticated users to upload malicious files disguised as…

Read more →

Silent Push, a cybersecurity research firm, has introduced the term “infrastructure laundering” to describe a sophisticated method used by cybercriminals to exploit legitimate cloud hosting services for illegal purposes. This practice involves renting IP addresses from mainstream providers like Amazon…

Read more →

A new wave of phishing attacks has been identified, targeting high-profile accounts on the social media platform X (formerly Twitter). This campaign, analyzed by SentinelLABS, aims to hijack accounts belonging to prominent individuals and organizations, including U.S. political figures, international…

Read more →

In an alarming development, North Korea’s infamous Lazarus Group has been linked to a global cyber espionage campaign, code-named Operation Phantom Circuit. Beginning in September 2024, this operation exploited trusted software development tools to infiltrate systems worldwide, targeting cryptocurrency and…

Read more →

On February 3, 2025, Arm disclosed a vulnerability in the Mali GPU Kernel Driver that allows improper GPU processing operations. This issue affects Valhall GPU Kernel Driver versions ranging from r48p0 to r49p1 and r50p0 to r52p0, as well as…

Read more →

FortiGuard Labs has issued a high-severity alert regarding the Coyote Banking Trojan, a sophisticated malware targeting Microsoft Windows users. Over the past month, researchers have identified malicious LNK files employing PowerShell commands to execute scripts and connect to remote servers,…

Read more →

The integration of Internet of Things (IoT) and Internet of Medical (IoM) devices has revolutionized healthcare, enabling real-time monitoring, remote diagnostics, and data-driven decision-making. However, these advancements have also introduced significant cybersecurity vulnerabilities, particularly Distributed Denial-of-Service (DDoS) attacks. These attacks…

Read more →

Tech giant Microsoft has unveiled a groundbreaking feature for its Microsoft Teams platform: AI-generated avatars designed to revolutionize meeting personalization. This innovative feature allows users to represent themselves in meetings as digital avatars, offering a dynamic alternative to traditional video…

Read more →

Globe Life Inc., a prominent insurance provider, has confirmed a major data breach that exposed the personal and health-related information of over 850,000 users. The company disclosed the incident in a recent filing with the U.S. Securities and Exchange Commission…

Read more →

The Linux Kernel 6.14-rc1 (release candidate 1) has been officially announced by Linus Torvalds, marking the conclusion of the merge window. Described as notably “tiny” compared to previous release cycles, this development reflects the impact of the holiday season on…

Read more →

The Python Package Index (PyPI) has introduced a new feature that allows maintainers to mark projects as archived, signaling that the project is no longer actively maintained or expected to receive updates. This marks a significant step forward in supporting…

Read more →

NVIDIA has issued a critical security update to address multiple vulnerabilities in its GPU Display Driver and vGPU software, affecting both Windows and Linux systems. These vulnerabilities, disclosed in January 2025, pose risks such as denial of service (DoS), data…

Read more →

In 2024, South Korea witnessed an alarming surge in Advanced Persistent Threat (APT) attacks, with the state-sponsored APT37 group emerging as a significant threat actor. Leveraging sophisticated techniques, the group targeted individuals and organizations through malicious Hancom Office HWP documents…

Read more →

The Indonesian hacker group “INDOHAXSEC” has allegedly breached the National Tuberculosis Registry (NTBR) of Malaysia, managed by the Ministry of Health. The group announced their claim via a post on a hacking forum, stirring fears over the safety of sensitive…

Read more →

In the ever-evolving landscape of cybercrime, bulk SMS platforms like Devil-Traff have emerged as powerful tools for phishing campaigns, exploiting trust and compromising security on a massive scale. Employees in organizations today face an increasing volume of communications emails, instant…

Read more →

OpenAI has introduced “Deep Research,” a cutting-edge feature within ChatGPT that promises to revolutionize the way people handle complex and time-intensive tasks. Designed to synthesize vast amounts of information from the web in mere minutes, Deep Research aims to outperform…

Read more →

The cybersecurity realm received an exciting update this week with the release of Parrot 6.3, the latest version of the Parrot Security operating system. As one of the most trusted Linux distributions tailored for ethical hackers, penetration testers, and security researchers,…

Read more →

A significant vulnerability has been discovered in the Alibaba Cloud Object Storage Service (OSS) that allows unauthorized users to upload data, posing critical security risks for organizations relying on this cloud solution. The vulnerability, caused by the misconfiguration of the…

Read more →

BeyondTrust, a leading provider of identity and access management solutions, disclosed a zero-day breach impacting 17 Remote Support SaaS customers. The incident, detected on December 5, 2024, has been linked to the compromise of an infrastructure API key used to…

Read more →

Cybersecurity experts have uncovered a sophisticated phishing campaign targeting Microsoft advertising accounts. The attack, orchestrated through malicious Google Ads, aims to steal login credentials of users accessing Microsoft’s advertising platform. This incident highlights the growing risk of malvertising, where cybercriminals…

Read more →

In a recent investigation, Trend Micro’s Managed XDR team identified a sophisticated malware campaign exploiting GitHub’s release infrastructure to distribute Lumma Stealer, along with SectopRAT, Vidar, and Cobeacon malware. This campaign underscores the evolving tactics of attackers leveraging trusted platforms…

Read more →

In a continued commitment to enhancing user safety and trust, Google has outlined significant strides made in 2023 to mitigate malicious activities across the Android ecosystem. Guided by the SAFE principles Safeguard Users, Advocate for Developer Protection, Foster Responsible Innovation,…

Read more →

A team of researchers from Ben Gurion University of the Negev has pioneered a novel memory forensics framework for analyzing Unified Extensible Firmware Interface (UEFI) memory during the pre-operating system (pre-OS) phase. Their study, published on January 28, 2025, introduces…

Read more →

In a significant advancement against increasingly sophisticated ransomware threats, researchers from NYU Tandon School of Engineering have introduced SHIELD (Secure Host-Independent Extensible Logging), an innovative detection architecture. This system leverages hardware-level, tamper-proof metrics for real-time ransomware identification. By operating independently…

Read more →

A critical bug class termed “trapped object” has been identified by Google’s Project Zero team. This vulnerability primarily arises from improper use of object-oriented remoting technologies like DCOM and .NET Remoting, which facilitate cross-process and cross-security boundary services. These systems,…

Read more →