Tag: Cyber Security News

Researchers have identified critical vulnerabilities in MediaTek wireless LAN (WLAN) drivers that could potentially expose millions of devices to severe security risks.  These vulnerabilities, tracked under the Common Vulnerabilities and Exposures (CVE) identifiers CVE-2025-20631, CVE-2025-20632, and CVE-2025-20633, allow attackers to…

Read more →

Globe Life Inc. has become the latest victim of a high-profile cybersecurity incident, with a threat actor claiming access to sensitive personal and health data of over 850,000 individuals.  The attack, while not involving traditional ransomware, appears to be an…

Read more →

Microsoft has announced the rollout of Avatars for Microsoft Teams, a feature that allows users to create personalized avatars for meetings using Artificial Intelligence (AI).  This revolutionary update is designed to make virtual meetings more engaging and inclusive by enabling…

Read more →

OpenAI has introduced an innovative feature for ChatGPT called “Deep Research,” designed to handle complex, multi-step research tasks with exceptional efficiency. Powered by the upcoming OpenAI o3 model, this tool promises to revolutionize how professionals and everyday users approach in-depth…

Read more →

Arm, a leader in semiconductor technology, has disclosed a series of critical security vulnerabilities affecting its Mali GPU Kernel Drivers and firmware. These vulnerabilities, spanning across multiple GPU architectures, including Bifrost, Valhall, and the Arm 5th Gen GPU Architecture, pose…

Read more →

Hackers are increasingly leveraging cloud platforms like Amazon Web Services (AWS) and Microsoft Azure to orchestrate large-scale cyber attacks. These platforms, which host critical infrastructure for businesses worldwide, are being exploited through sophisticated methods, including fraudulent account setups, API key…

Read more →

A sophisticated phishing campaign has emerged, targeting high-profile X (formerly Twitter) accounts to promote fraudulent cryptocurrency schemes. The attack exploits the credibility of verified accounts, leveraging their reach to deceive users into visiting phishing sites. The attackers employ a variety…

Read more →

A significant security vulnerability has been discovered in Alibaba Cloud Object Storage Service (OSS), enabling unauthorized users to upload data to cloud storage.  This misconfiguration poses risks such as unauthorized data storage, overwriting sensitive files, and potential data breaches. The…

Read more →

NVIDIA has released a critical software security update to address multiple vulnerabilities affecting its GPU Display Driver and Virtual GPU (vGPU) software. Among these is CVE‑2024‑0149, a vulnerability in the NVIDIA GPU Display Driver for Linux that could allow attackers unauthorized…

Read more →

Linus Torvalds, the creator of the Linux kernel, has announced the release of Linux 6.14-rc1, marking the end of the two-week merge window. This release is notably smaller than usual, attributed to reduced development activity during the holiday season. Despite…

Read more →

Community Health Center, Inc. (CHC), a Connecticut-based federally qualified health center, has disclosed a data breach following a criminal cyberattack on its systems. The breach potentially exposed the sensitive personal and health information of patients and individuals who received COVID-19…

Read more →

The North Korean state-sponsored hacking group APT37 (aka ScarCruft, Reaper), has been identified leveraging group chat platforms to distribute malicious LNK files. This latest tactic highlights the group’s evolving methods to infiltrate systems and exfiltrate sensitive data. APT37’s recent campaign…

Read more →

ParrotOS, the cybersecurity-focused Linux distribution, has recently released its latest update, Parrot 6.3, which includes a number of new features, performance improvements, and updated tools to enhance the user experience. This release is designed to make ParrotOS faster, more stable,…

Read more →

As organizations increasingly adopt Infrastructure as Code (IaC) to automate and manage their cloud environments, ensuring the security of these configurations has become a critical priority. IaC allows teams to define infrastructure using code, enabling rapid deployment and scalability, but…

Read more →

A new threat to cybersecurity has emerged in the form of Devil-Traff, a bulk SMS platform designed to facilitate large-scale phishing campaigns. Leveraging advanced features such as sender ID spoofing, API integration, and support for malicious content, this platform has…

Read more →

A Web Application Firewall (WAF) is a security solution designed to protect web applications by monitoring, filtering, and blocking malicious HTTP/S traffic. Operating at the OSI model’s application layer (Layer 7), a WAF acts as a reverse proxy between users…

Read more →

A sophisticated race condition vulnerability affecting Windows 11 (x64) kernel operations, highlighting ongoing concerns about kernel-level security in modern operating systems. These race conditions, which stem from the operating system’s inability to synchronize shared resources during concurrent operations properly, could…

Read more →

The recent release of Windows 11 version 24H2 has introduced a range of new features and updates, but it has also raised significant cybersecurity concerns. A longstanding malware technique known as Process Hollowing or RunPE has encountered compatibility issues on…

Read more →

Welcome to this week’s Cybersecurity Newsletter, which presents the latest updates and key insights from the continuously evolving domain of cybersecurity. In the fast-paced digital environment of today, it is imperative to remain informed, and our objective is to provide…

Read more →

February 1 marks National Change Your Password Day, a timely initiative to combat escalating cyber risks by promoting stronger password practices. With hacking incidents surging globally, the Cybersecurity and Infrastructure Security Agency (CISA) emphasizes the critical role of multi-factor authentication (MFA) in safeguarding digital accounts. Despite annual reminders to update…

Read more →

The notorious WantToCry ransomware group leverages misconfigured Server Message Block (SMB) services to infiltrate networks and launch widespread attacks. The weaknesses in SMBs, such as weak credentials, outdated software, and poor security configurations, are providing attackers with an easy entry…

Read more →

WhatsApp revealed on Friday that a “zero-click” spyware attack, attributed to the Israeli firm Paragon, has targeted scores of users worldwide, including journalists and members of civil society. The spyware targeted nearly 100 WhatsApp users, including journalists, and did not…

Read more →

In a move to enhance user privacy, WhatsApp has rolled out a significant update allowing users to control who can view their profile photos. This feature, available on both iOS and Android devices, provides users with more granular control over…

Read more →

Google announced today it blocked a record 2.28 million policy-violating apps from entering the Play Store in 2023, leveraging advanced machine learning, stricter developer vetting, and cross-industry collaborations to combat evolving cyberthreats.  The milestone underscores efforts to uphold its SAFE…

Read more →

As internet security evolves, SSL (Secure Sockets Layer) certificates, cornerstones of encrypted communication, are stepping into a brand-new role as vital tools in the fight against cyberattacks. Experts are now leveraging SSL intelligence and historical SSL data to expose hidden…

Read more →

As internet security evolves, SSL (Secure Sockets Layer) certificates, cornerstones of encrypted communication, are stepping into a brand-new role as vital tools in the fight against cyberattacks. Experts are now leveraging SSL intelligence and historical SSL data to expose hidden…

Read more →

A sophisticated cyber campaign orchestrated by the threat group TAG-124 has compromised over 1,000 WordPress websites to deploy malicious payloads. The operation leverages a multi-layered Traffic Distribution System (TDS) to infect users with malware, demonstrating advanced evasion tactics and infrastructure…

Read more →

Cybersecurity researchers have uncovered a sophisticated campaign leveraging GitHub’s trusted release infrastructure to distribute the Lumma Stealer malware. This information-stealing malware, part of a growing trend of cybercriminals abusing legitimate platforms, poses significant risks by exfiltrating sensitive data and deploying…

Read more →

The New York Blood Center Enterprises (NYBC), a vital organization responsible for supplying blood and blood products to hospitals across the region, has fallen victim to a ransomware attack. The incident has significantly disrupted its IT systems, forcing the organization…

Read more →

The rapid rise of DeepSeek, a Chinese artificial intelligence (AI) company, has not only disrupted the AI industry but also attracted the attention of cybercriminals. As its AI Assistant app became the most downloaded free app on the iOS App…

Read more →

Researchers have uncovered two critical vulnerabilities in GitHub Copilot, Microsoft’s AI-powered coding assistant, that expose systemic weaknesses in enterprise AI tools.  The flaws—dubbed “Affirmation Jailbreak” and “Proxy Hijack”—allow attackers to bypass ethical safeguards, manipulate model behavior, and even hijack access…

Read more →

A new wave of cyberattacks leveraging the Coyote Banking Trojan has been identified, targeting financial institutions in Brazil. This sophisticated malware employs malicious Windows LNK (shortcut) files as an entry point to execute PowerShell scripts, enabling multi-stage infection chains that…

Read more →

Cisco’s Webex Chat (formerly known as IMI Chat) was found to have a significant security flaw that exposed the sensitive chat histories of hundreds to thousands of organizations. The exploit allowed unauthorized attackers to access millions of live customer support…

Read more →

A critical cybersecurity vulnerability has been uncovered in Contec CMS8000 patient monitors, revealing embedded malware that poses significant risks to patient safety and data security. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) reported that the devices include a backdoor…

Read more →

In a law enforcement operation dubbed “Operation Talent,” an international coalition of law enforcement agencies led by Germany’s Bundeskriminalamt (BKA) and Europol has dismantled two of the world’s largest cybercrime forums: Cracked.io and Nulled.to. These platforms, which collectively hosted over…

Read more →

A critical unauthenticated Remote Code Execution (RCE) vulnerability has been affecting DSL-3788 routers, allowing attackers to acquire complete control over the router remotely. The flaw has been detected in firmware versions v1.01R1B036_EU_EN and below. This vulnerability was reported by Max…

Read more →

A significant extension of Microsoft’s Microsoft 365 (M365) Bounty Program has been announced. The program now includes new Viva products under its scope for identifying vulnerabilities, with rewards reaching up to $27,000 for critical submissions.  This update underscores Microsoft’s commitment…

Read more →

Broadcom has addressed multiple vulnerabilities in its VMware Aria Operations for Logs and VMware Aria Operations products.  These vulnerabilities, identified as CVE-2025-22218, CVE-2025-22219, CVE-2025-22220, CVE-2025-22221, and CVE-2025-22222, pose significant risks, including unauthorized access to sensitive data and privilege escalation.  The…

Read more →

James Forshaw of Google Project Zero has shed light on a significant security vulnerability in Windows related to accessing trapped COM objects through the IDispatch interface. This research highlights an intriguing bug class that exploits cross-process communication features in object-oriented…

Read more →

Recent revelations have exposed critical vulnerabilities in DeepSeek’s large language models (LLMs), particularly DeepSeek-R1, through advanced jailbreaking techniques. These exploits, including “Bad Likert Judge,” “Crescendo,” and “Deceptive Delight,” have demonstrated the ease with which malicious actors can bypass safety measures…

Read more →

In a recent disclosure to the stock exchanges, Tata Technologies Limited announced that it has been the victim of a ransomware attack affecting some of its IT assets. Tata Technologies, headquartered in Pune, India, is a subsidiary of the Tata…

Read more →

A new jailbreak vulnerability in OpenAI’s ChatGPT-4o, dubbed “Time Bandit,” has been exploited to bypass the chatbot’s built-in safety functions. This vulnerability allows attackers to manipulate the chatbot into producing illicit or dangerous content, including instructions for malware creation, phishing…

Read more →

The Tor Project, a renowned organization dedicated to online privacy and anonymity, has fallen victim to a cyberattack. On January 30, 2025, the group’s official X (formerly Twitter) account was compromised and used to promote a fraudulent cryptocurrency scheme. The…

Read more →

A newly discovered Android malware campaign, dubbed Tria Stealer, has been targeting users in Malaysia and Brunei since mid-2024. Leveraging fake wedding invitations as a lure, this Trojan steals sensitive data, including SMS messages, call logs, and app notifications, and…

Read more →

Cybersecurity experts have uncovered the use of the Phorpiex botnet to distribute LockBit Black ransomware (LockBit 3.0) through millions of phishing emails and compromised websites. This campaign, active since April 2024, marks a significant evolution in ransomware delivery methods, leveraging…

Read more →

Cyber threats evolve rapidly, but some tactics stand out for their widespread use and effectiveness. In its latest 2024 trends report, ANY.RUN identified the top malware Tactics, Techniques, and Procedures (TTPs) employed by cyber attackers for malicious purposes. Let’s dive…

Read more →

The Arcus Media ransomware has emerged as a significant cybersecurity threat, employing advanced techniques to maximize disruption and hinder recovery efforts. Operating under a Ransomware-as-a-Service (RaaS) model, the group has targeted industries worldwide, including business services, retail, and media, since…

Read more →

A sophisticated Android malware campaign, dubbed Tria Stealer, has been targeting users in Malaysia and Brunei since mid-2024.  The malware uses fake wedding invitations as a lure to trick victims into installing a malicious Android Package Kit (APK).  Once installed,…

Read more →

Multiple critical security vulnerabilities affecting Canon Laser Printers and Small Office Multifunctional Printers.  These vulnerabilities, identified as buffer overflow flaws, could allow attackers to execute arbitrary code remotely or render the devices inoperative through Denial-of-Service (DoS) attacks.  The affected models…

Read more →

Microsoft has unveiled a significant update to Windows 11, enhancing the Start menu with seamless integration for both Android and iPhone devices.  This feature, previously exclusive to Android users, now extends to iPhone owners, allowing them to access their phone’s…

Read more →

A sophisticated cyberespionage campaign, tracked as CL-STA-0048, has been identified targeting government and telecommunications networks in South Asia. The attackers exploited vulnerabilities in public-facing servers running Microsoft IIS, Apache Tomcat, and MSSQL to gain unauthorized access and exfiltrate sensitive data.…

Read more →

The North Korean state-sponsored hacking group Lazarus has been implicated in a sophisticated supply chain attack targeting developers through malicious Node Package Manager (NPM) packages. Security researchers have identified the package, postcss-optimizer, as a key vector for delivering malware to…

Read more →

A sophisticated cyberattack has compromised over 10,000 WordPress websites, delivering cross-platform malware to unsuspecting users. The campaign exploits outdated WordPress versions and plugins, redirecting visitors to fake browser update pages that deploy malicious software targeting both macOS and Windows systems.…

Read more →

A new implementation of Kerberos relaying over HTTP has been unveiled, leveraging multicast poisoning to exploit vulnerabilities in Active Directory environments. The research, published by Quentin Roland, builds on previous work by cybersecurity expert James Forshaw, demonstrating how attackers can…

Read more →

The notorious Lazarus Group, a North Korean state-sponsored Advanced Persistent Threat (APT), has been implicated in a large-scale cyberattack campaign dubbed “Operation Phantom Circuit.” This operation involves embedding malicious backdoors into legitimate software packages, targeting developers and organizations worldwide. The…

Read more →

A new variant of the SystemBC Remote Access Trojan (RAT) has emerged, explicitly targeting Linux-based systems. Known for its stealth capabilities, this malware is designed to infiltrate corporate networks, cloud servers, and IoT devices, posing a significant threat to internal…

Read more →

DeepSeek AI has announced that its latest AI model, DeepSeek R1, now relies on Huawei’s Ascend 910C chip for inference tasks in a bold move that could ripple through the tech industry. This shift comes after the model was initially…

Read more →

A critical Remote Code Execution (RCE) vulnerability was discovered in the Lightning AI platform, a widely used tool for AI development. The flaw, which has since been patched, allowed attackers to gain root access by exploiting a hidden URL parameter.…

Read more →

A critical security vulnerability has been identified in TeamViewer Clients for Windows, allowing attackers with local access to escalate their privileges to the system level.  The flaw, tracked as CVE-2025-0065, affects versions of TeamViewer Full Client and Host prior to…

Read more →

OPNsense, the widely recognized open-source firewall and routing platform, celebrates its 10th anniversary with the release of version 25.1, codenamed “Ultimate Unicorn.”  This milestone release introduces significant upgrades, including enhanced security zone configurations, a redesigned user interface, and the integration…

Read more →

Microsoft has officially announced the integration of DeepSeek R1, an AI model, into its Azure AI Foundry platform and GitHub.  This move positions DeepSeek R1 among over 1,800 models, including frontier, open-source, and task-specific AI solutions.  The integration aims to…

Read more →

Cybercriminals have been exploiting vulnerabilities in the Remote Desktop Protocol (RDP) to gain unauthorized access to Windows systems and remotely control web browsers. This method not only compromises individual machines but also poses a significant threat to enterprise networks. RDP,…

Read more →

Cybercriminals recently exploited Google’s g.co subdomain to carry out a meticulously crafted scam over a vishing call. The incident was chronicled by Zach Latta, founder of Hack Club, who nearly fell victim to the attack. His account sheds light on…

Read more →

Cybercriminals are increasingly exploiting vulnerabilities in government websites to carry out phishing campaigns, leveraging the inherent trust users place in official domains. A recent report by Cofense Intelligence shows that how attackers are weaponizing .gov top-level domains (TLDs) across multiple…

Read more →

A security vulnerability in DeepSeek, a prominent Chinese AI startup, exposed a publicly accessible ClickHouse database containing highly sensitive information, including over a million lines of log streams. The breach, which included chat logs, API keys, backend details, and operational…

Read more →

Microsoft 365 users worldwide encountered significant disruptions today as multiple services, including the Microsoft 365 Admin Center, reported degradation or complete inaccessibility. The issue, first noted around 18:45 GMT, has left many users unable to access key services, with some…

Read more →

A significant cybersecurity threat has emerged as hackers on a prominent Russian dark web forum claim to be selling an active exploit targeting Fortinet devices. The exploit reportedly leverages a critical vulnerability, CVE-2024-55591, which affects FortiOS versions 7.0.0 through 7.0.16. …

Read more →

Researchers have uncovered two critical vulnerabilities in Apple’s custom silicon chips, dubbed SLAP (Speculative Load Address Prediction) and FLOP (False Load Output Predictions).  These flaws, found in Apple’s A- and M-series processors, expose sensitive user data such as credit card…

Read more →

The state-sponsored threat actors are increasingly exploiting Google’s AI-powered assistant, Gemini, to enhance their cyber operations.  While generative AI tools like Gemini hold immense potential for innovation and productivity, their misuse by advanced persistent threat (APT) groups and information operations…

Read more →

The most recent update for Windows 11 24H2, identified as KB5050009, has caused various kinds of technical issues for users, affecting critical functionalities like audio, Bluetooth, USB devices, and webcams. Released earlier this month, the update was intended to enhance…

Read more →

WhatsApp’s “View Once” option is one of the privacy features in the instant messaging space that is intended to provide users with a sense of security. This feature allows users to send photos or videos that disappear after being viewed…

Read more →

Google’s Threat Intelligence Group (GTIG), in collaboration with Mandiant, has unveiled a comprehensive analysis of ScatterBrain, an advanced obfuscation tool used by China-linked cyber espionage group APT41. This obfuscator is central to the deployment of POISONPLUG.SHADOW, a modular backdoor targeting…

Read more →

Cybersecurity researchers have uncovered a surge in attacks leveraging SparkRAT, a cross-platform Remote Access Trojan (RAT) written in GoLang. This open-source tool, initially released on GitHub in 2022, has become a favorite among hackers due to its modular design, multi-platform…

Read more →

A significant threat in the cybersecurity landscape has emerged, dubbed Hellcat, a new ransomware group. This ransomware group leverages a Ransomware-as-a-Service (RaaS) model to target critical sectors such as government, education, and energy. First identified in mid-2024, Hellcat operates by…

Read more →

A new strain of information-stealing malware, dubbed FleshStealer, has emerged as a significant threat to internet users worldwide. This advanced infostealer targets Chromium and Mozilla-based web browsers, exploiting their vulnerabilities to steal sensitive data, including credentials, cryptocurrency wallet information, and…

Read more →

A proof-of-concept (PoC) exploit for the actively exploited Windows Common Log File System (CLFS) vulnerability, tracked as CVE-2024-49138 has been released. This vulnerability, which Microsoft patched on December 10, 2024, with update KB5048685 for Windows 11 versions 23H2 and 22H2,…

Read more →

Wallarm’s 2025 API ThreatStats Report exposes a startling rise in AI-focused attacks, with researchers tracking 439 AI-related CVEs in 2024—a 1,025% jump over the previous year. Almost all of these exploits 99% involve weak or poorly configured APIs. Injection flaws,…

Read more →

A new variant of the Mirai-based malware, dubbed Aquabotv3, has been identified by the Akamai Security Intelligence and Response Team (SIRT). This malware is actively exploiting a command injection vulnerability in Mitel SIP phones to execute malicious commands and propagate…

Read more →

Security experts has uncovered the sophisticated infrastructure of the Lynx Ransomware-as-a-Service (RaaS) group in a recent investigation. This ransomware group is Known for its cross-platform capabilities and affiliate-driven model. Lynx targets Windows, Linux, and VMware ESXi environments, posing a significant…

Read more →

DeepSeek R1, the latest AI model from China, is making waves in the tech world for its reasoning capabilities. Positioned as a challenger to AI giants like OpenAI, it has already climbed to 6th place on the Chatbot Arena benchmarking…

Read more →

The widely used open-source network monitoring tool, Cacti, identified a critical vulnerability. The flaw, tracked as CVE-2025-22604 has a CVSS score of 9.1, indicating high severity.  It allows authenticated users with device management permissions to execute arbitrary commands on the server,…

Read more →

A vulnerability in a third-party travel service API has exposed millions of airline users to potential account takeovers, enabling attackers to exploit airline loyalty points and access sensitive personal information.  The flaw, discovered by Salt Labs, highlights the risks associated…

Read more →

A Cross-Site Scripting (XSS) vulnerability has been identified in the TP-Link Archer A20 v3 router, specifically in firmware version 1.0.6 Build 20231011 rel.85717(5553).  The issue stems from improper handling of directory listing paths on the router’s web interface. When a…

Read more →

A significant zero-day vulnerability in Zyxel CPE series devices, identified as CVE-2024-40891, is being actively exploited by attackers. This vulnerability enables attackers to execute arbitrary commands on affected devices, posing significant risks of system compromise, data theft, and network infiltration.…

Read more →

A new cyberattack campaign, dubbed the “Fake DeepSeek Campaign,” has been discovered targeting macOS users. DeepSeek, a Chinese-developed AI chatbot, has rapidly gained popularity globally. Threat Actors started exploiting its popularity to deliver malware & infect users’ computers. This campaign is…

Read more →

A detailed walkthrough demonstrates how attackers can manipulate Azure Key Vault’s access policies after compromising Entra ID (formerly Azure AD) credentials. According to Faran Siddiqui, a penetration tester report, a “Key Vault 06 – Abuse Decryption Key,” shed light on…

Read more →

Cloudflare revealed how its data pipeline has achieved unprecedented scalability, processing up to 706 million events per second as of December 2024 representing a staggering 100x growth since 2018. This massive data flow, which peaks at 107 GiB/s of compressed…

Read more →

PowerSchool, a leading U.S.-based education technology provider, has begun notifying students, teachers, and other affected individuals following a massive data breach that occurred in December 2024. The breach, which compromised sensitive personal information, is one of the largest cybersecurity incidents…

Read more →

Broadcom disclosed a critical vulnerability affecting its Avi Load Balancer product. The vulnerability, identified as CVE-2025-22217, is an unauthenticated blind SQL injection vulnerability that could allow attackers with network access to execute specially crafted SQL queries to gain unauthorized access…

Read more →

Ransomware attacks targeting the healthcare sector have become increasingly challenging to manage due to financial losses and the risks posed to patient safety and operational continuity. Researchers at ANR.RUN analyze the impact of ransomware threats in healthcare, using the notorious…

Read more →

The European Union today imposed sanctions on three Russian military intelligence officers for their involvement in a series of cyberattacks targeting Estonian government agencies in 2020.  The individuals, identified as Nikolay Alexandrovich Korchagin, Vitaly Shevchenko, and Yuriy Fedorovich Denisov, are…

Read more →

Phemex, a cryptocurrency exchange based in Singapore, suffered a significant cyberattack that resulted in the theft of $85 million worth of digital assets.  The platform’s hot wallets, which are linked to the internet for real-time transactions, were the primary target…

Read more →

Cybersecurity researchers have exposed critical vulnerabilities in a telecom network that allowed unauthorized access to sensitive data and control over 3,000 companies.  The research revealed obvious vulnerabilities in the network’s backend APIs, authentication systems, and Know Your Customer (KYC) processes,…

Read more →

A financially motivated threat actor has been linked to a sophisticated cyber campaign that has been targeting users in Poland and Germany since July 2024.  The effort uses phishing emails to spread a range of malware payloads, including Agent Tesla,…

Read more →

Researchers Fabian Bräunlein and Luca Melette demonstrated how outdated Radio Ripple Control systems, used to manage up to 60 gigawatts (GW) of electricity, could be exploited by attackers to disrupt power supply on a massive scale.  Their findings, presented at…

Read more →

NVIDIA has issued a critical software security update for its GPU Display Driver, addressing multiple vulnerabilities that could potentially expose systems to denial-of-service (DoS) attacks, data tampering, and information disclosure.  This update impacts users across Windows and Linux platforms and…

Read more →

A new method of exploiting the “Bring Your Own Vulnerable Driver” (BYOVD) technique has emerged, combining it with Windows symbolic links to elevate its effectiveness. This innovative approach exploits drivers with file-writing capabilities, bypassing the need to rely solely on…

Read more →

Cybercriminals are increasingly employing a technique known as “hidden text salting” to bypass spam filters and evade detection. This method, which saw a surge in usage during the latter half of 2024, poses a significant threat to organizations relying on…

Read more →

A sophisticated phishing campaign has been uncovered, leveraging malicious PDFs disguised as official U.S. Postal Service (USPS) communications to target mobile users. This attack, identified by Zimperium’s zLabs team, employs a novel obfuscation technique to bypass traditional endpoint security measures…

Read more →

A critical Insecure Direct Object Reference (IDOR) vulnerability has been identified in One Identity Manager, a widely used identity and access management solution.  This vulnerability, officially tracked as CVE-2024-56404, allows unauthorized privilege escalation under specific configurations.  The issue affects only…

Read more →