A series of critical vulnerabilities in Thinkware’s F800 Pro dashcam has revealed systemic security flaws, including the exposure of user credentials in plain text, default authentication bypasses, and insecure data storage practices. These issues, disclosed between November 2024 and March…
Tag: Cyber Security News
Peaklight Malware Attacking Users To Exfiltrate Login Credentials, Browser History & Financial Data
A sophisticated information stealer known as Peaklight is actively targeting Windows users worldwide. This malware, identified on March 6, 2025, is designed to harvest sensitive information from compromised endpoints, creating significant risks for both individuals and organizations. Peaklight utilizes a…
New North Korean Moonstone Sleet Employs Creative Tactics To Deploy Custom Ransomware
Cybersecurity researchers have identified a sophisticated ransomware campaign attributed to a North Korean threat actor dubbed “Moonstone Sleet.” The group has deployed an advanced custom ransomware strain targeting financial institutions and cryptocurrency exchanges across Southeast Asia and Europe, demonstrating evolving…
Apache Traffic Server Vulnerabilities Let Attackers Perform Malformed Requests
The Apache Software Foundation has issued urgent patches for multiple high-severity vulnerabilities in Apache Traffic Server (ATS), its enterprise-grade caching proxy server. Four distinct flaws (CVE-2024-38311, CVE-2024-56195, CVE-2024-56196, and CVE-2024-56202) enable threat actors to execute request smuggling attacks, bypass access…
Akira Ransomware Attacking Windows Server via RDP & Evades EDR Using Webcam
A sophisticated ransomware group called Akira has been responsible for approximately 15% of cybersecurity incidents in 2024. The threat actor has deployed novel techniques to bypass security defenses, most notably by exploiting unsecured webcams to circumvent Endpoint Detection and Response…
Commvault Webserver Vulnerability Let Attackers Compromise Webserver
Commvault, a global leader in enterprise data protection and management solutions, has urgently patched a high-severity webserver vulnerability that enables attackers to compromise systems by creating and executing malicious webshells. The flaw affects multiple versions of Commvault’s software across Linux…
Microsoft WinDbg RCE Vulnerability Let Attackers Execute Arbitrary Code Remotely
A high-severity vulnerability, CVE-2025-24043, enables remote code execution (RCE) through improper cryptographic signature validation in the SOS debugging extension. The vulnerability affects critical .NET diagnostic packages including dotnet-sos, dotnet-dump, and dotnet-debugger-extensions, which are integral to .NET Core application debugging workflows. According…
1 Million Devices Infected by Malwares Hosted on GitHub, Microsoft Warns
Microsoft Threat Intelligence detected a large-scale malvertising campaign in early December 2024 that infected nearly one million devices globally in an opportunistic attack designed to steal information. The campaign impacted a wide range of organizations and industries, affecting both consumer…
Hackers Leveraging Compromised Email Server To Send Fraudulent Emails
In a sophisticated business email compromise (BEC) attack recently uncovered by Trend Micro Managed XDR team, threat actors exploited a compromised third-party email server to conduct fraudulent financial transactions between business partners. The scheme, which unfolded over several days, involved…
Popular Python Library Vulnerability Exposes 43 million Installations to Code Execution Attacks
A recently disclosed vulnerability in the widely used Python JSON Logger library has exposed an estimated 43 million installations to potential remote code execution (RCE) attacks through a dependency chain flaw. Tracked as GHSA-wmxh-pxcx-9w24 and scoring 8.8/10 on the CVSS…
Notorious Black Basta Tactics, Techniques and Procedures Uncovered From Leak
A significant leak of internal chat logs from the Black Basta ransomware group has provided cybersecurity researchers with unprecedented insight into their operations. A Telegram user named ExploitWhispers unveiled the leak, which contained approximately 200,000 chat messages dated between September 2023…
Hackers Using Advanced Social Engineering Techniques With Phishing Attacks
Cybercriminals are advancing beyond rudimentary phishing attempts, adopting sophisticated social engineering strategies that build relationships with targets before delivering malicious payloads. ESET’s APT Activity Report shows that North Korea-aligned threat actors have significantly refined their tactics, making traditional security…
North Korean Hackers Cash Out $300 Million From Record $1.46 Billion ByBit Crypto Heist
Lazarus Group hackers believed to be affiliated with North Korea’s regime have successfully laundered at least $300 million from their unprecedented $1.5 billion cryptocurrency heist targeting the ByBit exchange. The cybercriminals, identified as the infamous Lazarus Group, executed the attack…
Detecting Cyber Attack Patterns by Analyzing Threats Actors Infrastructure
The identification of cyber attack patterns through infrastructure analysis has emerged as a crucial methodology in modern threat intelligence. By examining the digital footprints left by threat actors, security analysts can now reconstruct attack campaigns and attribute them to specific…
Hackers Exploiting ‘any/any’ Communication Configs in Cloud Services to Host Malware
Veriti has uncovered a concerning trend where cybercriminals are actively exploiting misconfigured cloud services to distribute malware and control compromised systems. Over 40% of networks allow “any/any” communication with at least one major cloud provider, creating significant security vulnerabilities for…
PrintSteal Cyber Criminal Group Distributing Fake Aadhaar & PAN Cards at Large Scale
A sophisticated cyber criminal operation known as “PrintSteal” has been discovered generating and distributing fraudulent Indian identity documents on a massive scale. This operation has established over 1,800 domains impersonating government websites, with approximately 600 currently active. The criminal network…
7 Weaponized Go Packages Attacking Linux & macOS To Install Hidden Malware Loader
Security researchers have uncovered an ongoing malicious campaign targeting the Go ecosystem with seven typosquatted packages designed to install hidden loader malware on Linux and macOS systems. The threat actor has published packages that impersonate widely used Go libraries, employing…
Top 50 Best Penetration Testing Companies – 2025
Penetration testing companies specialize in evaluating the security of an organization’s IT infrastructure by simulating real-world cyberattacks. These companies use ethical hacking techniques to identify vulnerabilities in networks, applications, and systems before malicious hackers can exploit them. What Do Penetration…
PoC Exploit Released for Actively Exploited Linux Kernel Out-Of-Bounds Write Vulnerability
A proof-of-concept (PoC) exploit has been released for a high-severity out-of-bounds write vulnerability in the Linux kernel, identified as CVE-2024-53104. The vulnerability exists within the USB Video Class (UVC) driver and can lead to privilege escalation. The flaw stems from…
Hackers Registered 10K Domains With Same Name for Smishing Attack Via iMessage
A large-scale SMS phishing (smishing) campaign distributed via iMessage, involving more than 10,000 domains registered by a threat actor, was discovered recently. These domains are designed to impersonate toll services and package delivery platforms across multiple U.S. states and one…