Tag: Cyber Security News

A sophisticated cyber threat has emerged in recent weeks, targeting unsuspecting users with fake Outlook troubleshooting calls. These calls, designed to appear legitimate, ultimately lead to the deployment of ransomware on the victim’s system. The scam involves a malicious binary…

Read more →

Threat actors have been utilizing a modified version of the SharpHide tool to create hidden registry values, significantly complicating detection and deletion efforts. This technique exploits Windows registry redirection, making it challenging for standard tools to identify and remove these…

Read more →

In 2024, Meta, the parent company of Facebook, Instagram, and WhatsApp, continued its commitment to cybersecurity by awarding over $2.3 million through its bug bounty program.  This initiative, which began in 2011, has now surpassed $20 million in total payouts,…

Read more →

In a significant step forward for cybersecurity professionals, PurpleLab offers an innovative open-source cybersecurity lab for creating and testing detection rules, simulating logs, and running malware tests. Designed as an all-in-one lab environment, PurpleLab equips analysts with tools to enhance…

Read more →

In a sophisticated cyberattack campaign, a threat actor identified as Storm-2372 has been leveraging Microsoft Teams meeting invites to execute “device code phishing” attacks.  This campaign, observed since August 2024, targets governments, NGOs, IT services, defense, telecommunications, health, education, and…

Read more →

Linus Torvalds has released Linux Kernel 6.14-rc3, the latest release candidate for the upcoming Linux 6.14 stable version. Paolo Bonzini, the maintainer of the Kernel-based Virtual Machine (KVM), has also submitted a series of fixes for the Linux Kernel 6.14-rc3,…

Read more →

In a significant update, Google has announced that its AI-powered security feature is now available to every Chrome user globally. This development marks a pivotal step in enhancing online safety through advanced machine learning techniques. The new security enhancement leverages…

Read more →

Welcome to this week’s Cybersecurity Newsletter, where we bring you the latest updates and key insights from the ever-changing world of cybersecurity. In today’s fast-paced digital environment, staying informed is crucial. Our goal is to provide you with relevant information…

Read more →

A critical authentication bypass vulnerability in SonicWall firewalls, tracked as CVE-2024-53704, is now being actively exploited in the wild, cybersecurity firms warn. The surge in attacks follows the public release of proof-of-concept (PoC) exploit code on February 10, 2025, by…

Read more →

Researchers have identified a new backdoor malware, written in Go programming language, that leverages Telegram as its command-and-control (C2) channel. While the malware appears to still be under development, it is already fully functional and capable of executing various malicious…

Read more →

A recently discovered Python script has been flagged as a potential cybersecurity threat due to its use of a clever anti-analysis trick.  This script, which has a low detection rate on VirusTotal (4/59), uses the tkinter library to create a…

Read more →

A website launched by Elon Musk’s Department of Government Efficiency (DOGE) has been found to have a significant security vulnerability, allowing unauthorized users to directly modify its content. The vulnerability discovered by two web development experts arises from the website’s…

Read more →

The notorious Lazarus Group, a North Korean Advanced Persistent Threat (APT) group, has been linked to a sophisticated campaign targeting software developers. This campaign involves the use of infostealer malware, designed to steal sensitive information from developers’ systems. The attack…

Read more →

Job seekers have become the target of a sophisticated ransomware campaign in a recent cybersecurity threat, and this campaign dubbed as “XELERA.” This campaign uses fake job offers from the Food Corporation of India (FCI) to lure victims into opening…

Read more →

The notorious Lazarus Group in a recent escalation of cyber threats linked to North Korea, has unveiled a sophisticated new tactic to target developers worldwide. This campaign, dubbed “Operation Marstech Mayhem,” involves the deployment of an advanced malware implant known…

Read more →

A highly sophisticated cyber espionage group known as EarthKapre, also referred to as RedCurl, has been identified targeting private-sector organizations, particularly those in the Law Firms & Legal Services industry. The eSentire Threat Response Unit (TRU) uncovered the group’s recent…

Read more →

North Korean IT workers have been infiltrating international companies by securing remote positions under false identities. This tactic not only violates international sanctions but also poses significant cybersecurity risks, including data theft and the installation of backdoors on compromised systems.…

Read more →

A critical SQL injection vulnerability has been identified in Apache Fineract, an open-source core banking software widely used for financial services.  This flaw, tracked as CVE-2024-32838, affects versions 1.4 through 1.9 and has been classified as important, with a CVSS…

Read more →

NVIDIA has released a security update to address a critical vulnerability in its NVIDIA Container Toolkit and NVIDIA GPU Operator, which could allow attackers to execute arbitrary code, escalate privileges, and gain access to the host file system.  This vulnerability…

Read more →

The Cybersecurity and Infrastructure Security Agency (CISA) has released twenty new Industrial Control Systems (ICS) advisories, aimed at addressing critical vulnerabilities in industrial systems.  The advisories cover a wide range of ICS products from prominent vendors such as Siemens, ORing,…

Read more →

Cyber threats have evolved significantly in recent years, with malicious actors employing sophisticated tactics to compromise user systems. One such threat is the SocGholish malware, which has been actively distributed through fake browser updates since 2017. This malware campaign exploits…

Read more →

A sophisticated phishing kit, known as the Astaroth 2FA phishing kit, has been identified targeting major email services such as Gmail, Yahoo, and Office 365, along with third-party login platforms. This kit is designed to bypass two-factor authentication (2FA) security…

Read more →

A sophisticated hacking campaign has been unveiled recently by Elastic Security Labs, dubbed “REF7707,” which has been targeting both Windows and Linux systems using novel malware families, including FINALDRAFT, GUIDLOADER, and PATHLOADER. This campaign has been notable for its advanced…

Read more →

A sophisticated phishing campaign, identified by Microsoft Threat Intelligence, has been exploiting a technique known as “device code phishing” to capture authentication tokens. This attack, attributed to a group called Storm-2372, has been active since August 2024 and targets a…

Read more →

Researchers observed a sophisticated cyber-espionage campaign led by the Chinese state-sponsored group known as “Salt Typhoon,” also referred to as “RedMike.”  Between December 2024 and January 2025, the group exploited over 1,000 unpatched Cisco network devices globally, targeting telecommunications providers…

Read more →

Researchers have uncovered a high-severity SQL injection vulnerability, CVE-2025-1094, affecting PostgreSQL’s interactive terminal tool, psql.  This flaw was identified during research into the exploitation of CVE-2024-12356, a remote code execution (RCE) vulnerability in BeyondTrust Privileged Remote Access (PRA) and Remote…

Read more →

A high-severity security vulnerability, identified as CVE-2024-21966, has been discovered in the AMD Ryzen™ Master Utility, a software tool designed to optimize the performance of AMD Ryzen™ processors.  The vulnerability, classified as DLL hijacking, could allow attackers to execute arbitrary…

Read more →

A newly disclosed high-severity vulnerability in WinZip, tracked as CVE-2025-1240, enables remote attackers to execute arbitrary code on affected systems by exploiting malformed 7Z archive files. The flaw, rated 7.8 on the CVSS scale, impacts WinZip 28.0 (Build 16022) and…

Read more →

Palo Alto Networks has released a patch for a high-severity authentication bypass vulnerability, identified as CVE-2025-0108, affecting their PAN-OS software. GreyNoise has observed active exploitation attempts targeting this vulnerability. The flaw allows unauthenticated attackers to bypass the authentication required by the…

Read more →

ClearSky Cyber Security has uncovered a user interface (UI) vulnerability in Microsoft Windows that is currently being exploited by a sophisticated threat actor known as Mustang Panda, a group believed to be affiliated with Chinese state interests. The exploitation involves…

Read more →

A groundbreaking report from the Alliance for Securing Democracy (ASD) at the German Marshall Fund has revealed a disturbing trend: foreign threat actors from Russia, China, and Iran are increasingly targeting local communities across the United States. These operations aim…

Read more →

Burp AI, PortSwigger unveils AI-driven extensibility in Burp Suite Professional, revolutionizing the way security professionals approach application testing. In its latest stride toward innovation, PortSwigger, the creator of the widely acclaimed Burp Suite, has announced the integration of artificial intelligence…

Read more →

APT43, a notorious North Korean state-sponsored hacking group, has been actively targeting academic institutions worldwide, exploiting exposed credentials to gain unauthorized access. Linked to the Reconnaissance General Bureau (RGB), APT43 is known for its strategic intelligence gathering and financially motivated…

Read more →

ANY.RUN, a global leader in Interactive Malware sandboxes, has upgraded its browser extension to include the Safebrowsing feature, which is now available for free to all users. This tool is designed to help businesses and individuals combat phishing attempts, malicious…

Read more →

A recent phishing campaign has been uncovered by Netskope Threat Labs, highlighting a sophisticated technique where attackers exploit Webflow’s Content Delivery Network (CDN) and fake CAPTCHAs to steal sensitive financial information. This campaign, ongoing since the second half of 2024,…

Read more →

In a significant cybersecurity breach, attackers exploited a critical vulnerability in Palo Alto Networks’ PAN-OS firewall software (CVE-2024-0012) to deploy the RA World ransomware.  The attack, which occurred in late 2024, targeted a medium-sized software and services company in South…

Read more →

A recent surge in exploitation activity has been observed targeting two critical vulnerabilities, CVE-2022-47945 in ThinkPHP and CVE-2023-49103 in ownCloud. These attacks highlight the persistent threat posed by unpatched systems and the challenges organizations face in prioritizing vulnerability management. CVE-2022-47945…

Read more →

The China-based Winnti Group has targeted Japanese organizations in a recent cyberattack campaign known as “RevivalStone,” in the manufacturing, materials, and energy sectors. This campaign, confirmed in March 2024, utilizes a new version of the Winnti malware with enhanced capabilities.…

Read more →

The Chinese AI startup DeepSeek has gained significant attention in the global AI market with its open-source inference model, DeepSeek-R1. This model has been touted as a more cost-effective alternative to existing AI solutions, outperforming OpenAI’s GPT-o1. However, this newfound…

Read more →

Russian-backed hackers, specifically the Sandworm APT group (also known as APT44 or UAC-0145), have been using weaponized Microsoft Key Management Service (KMS) activators to infiltrate Windows systems in Ukraine. This campaign, which has been active since late 2023, exploits pirated…

Read more →

Critical vulnerabilities were uncovered in the popular Chinese social media app RedNote (also known as XiaoHongShu), which boasts over 300 million active users globally.  These security flaws, present in both Android and iOS versions, expose users’ browsing activity, device metadata,…

Read more →

Microsoft introduced a major update to Windows 11 (KB5031455), adding native support for 11 new compression formats, including RAR and 7z.  This update aimed to enhance user convenience by enabling file management directly within File Explorer.  However, the integration of…

Read more →

A new family of malware has been discovered that leverages Microsoft Outlook as a communication channel via the Microsoft Graph API. This sophisticated malware includes a custom loader and backdoor, known as PATHLOADER and FINALDRAFT, respectively. The malware is part…

Read more →

Security researchers from Korea University have unveiled a new vulnerability in macOS systems running on Apple Silicon processors.  Dubbed “SysBumps,” this attack successfully circumvents Kernel Address Space Layout Randomization (KASLR), a critical security mechanism designed to protect kernel memory from…

Read more →

Researchers uncovered a critical vulnerability in Amazon Web Services (AWS) involving Amazon Machine Images (AMIs).  Dubbed the “whoAMI” attack, this exploit leverages a name confusion attack, a subset of supply chain attacks, to gain unauthorized code execution within AWS accounts. …

Read more →

Palo Alto Networks has recently disclosed a critical vulnerability in its PAN-OS network security operating system, tracked as CVE-2025-0108, which allows attackers to bypass authentication on the management web interface.  This vulnerability, with a CVSSv3.1 score of 7.8, exposes affected…

Read more →

Have I Been Pwned (HIBP), a popular data breach notification service, has expressed a strong inclination to ban resellers from obtaining platform memberships.  Troy Hunt made this decision after thoroughly examining the excessive support burden these resellers impose on the…

Read more →

Hackers have been leveraging the open-source Pyramid pentesting tool to establish stealthy command-and-control (C2) communications. Pyramid, first released on GitHub in 2023, is a Python-based post-exploitation framework designed to evade endpoint detection and response (EDR) tools. Its lightweight HTTP/S server…

Read more →

Microsoft Threat Intelligence has exposed a subgroup within the Russian state actor Seashell Blizzard, known as the “BadPilot campaign.” This subgroup has been conducting a multiyear operation to compromise Internet-facing infrastructure globally, expanding Seashell Blizzard’s reach beyond Eastern Europe. The…

Read more →

CrowdStrike has disclosed a high-severity vulnerability in its Falcon Sensor for Linux, Falcon Kubernetes Admission Controller, and Falcon Container Sensor. The vulnerability, identified as CVE-2025-1146, originates from a validation logic error in the Transport Layer Security (TLS) connection routine. This…

Read more →

A massive 2.7 billion records containing sensitive user data, including Wi-Fi network names, passwords, IP addresses, and device identifiers, were exposed in a massive IoT security breach linked to Mars Hydro, a China-based grow light manufacturer, and LG-LED SOLUTIONS LIMITED,…

Read more →

Google has rolled out an urgent security update for Chrome, addressing four high-severity vulnerabilities that could allow attackers to execute malicious code or compromise user data. The update, Chrome version 133.0.6943.98/.99 for Windows/Mac and 133.0.6943.98 for Linux, targets critical flaws…

Read more →

Palo Alto Networks has disclosed a critical vulnerability (CVE-2025-010) in its PAN-OS software that could allow attackers to bypass authentication on the management web interface. This flaw, which has been assigned a CVSS Base Score of 8.8, poses a significant…

Read more →

An Advanced Persistent Threat (APT) is a sophisticated and stealthy cyberattack designed to gain unauthorized, long-term access to a target’s network. These attacks are meticulously planned and executed by highly skilled threat actors, often state-sponsored groups or organized crime syndicates,…

Read more →

A significant threat has emerged in the form of the ZeroLogon ransomware exploit. This exploit targets a critical vulnerability in Microsoft’s Active Directory, specifically affecting domain controllers. The vulnerability, known as CVE-2020-1472, allows attackers to gain unauthorized access to domain…

Read more →

Researchers found a significant software supply chain vulnerability, which resulted in an outstanding $50,500 bounty from a major corporation’s bug bounty program. The duo’s success highlights the growing importance of securing the software supply chain and the risks posed by…

Read more →

A critical vulnerability in YouTube’s infrastructure allowed attackers to expose the email addresses tied to anonymous channels by combining flaws in Google’s account management system and an outdated Pixel Recorder API. The exploit chain, discovered by security researchers Brutecat and…

Read more →

zkLend, a prominent decentralized finance (DeFi) protocol built on Ethereum’s Layer-2 zk-rollup technology, has fallen victim to a major security breach resulting in the theft of approximately 3,300 ETH, valued at around $8.5 million at current market prices.  Unexpectedly, zkLend…

Read more →

Hackers have allegedly breached OmniGPT, a ChatGPT-like AI chatbot platform, exposing sensitive data of over 30,000 users.  The leaked data reportedly includes email addresses, phone numbers, API keys, and over 34 million user-chatbot interactions.  A post on a hacking forum…

Read more →

A new wave of cyberattacks has surfaced, with a Mirai-based botnet exploiting a number of significant vulnerabilities in routers and smart devices, primarily targeting industrial and home networks worldwide.  The Shadowserver Foundation recently shared on X the botnet’s active exploitation…

Read more →

A critical vulnerability in SonicWall firewalls, identified as CVE-2024-53704, has been actively exploited by attackers to hijack SSL VPN sessions. This vulnerability affects SonicOS versions 7.1.x (7.1.1-7058 and older), 7.1.2-7019, and 8.0.0-8035. The exploit allows a remote attacker to bypass…

Read more →

A critical zero-day vulnerability has been discovered in a Windows driver, allowing attackers to gain remote access to systems. This vulnerability, identified as CVE-2025-21418, was disclosed on February 11, 2025, and is classified as “Important” with a CVSS score of…

Read more →

A critical vulnerability in Ivanti Connect Secure (CVE-2025-0282) is being actively exploited by multiple threat actors to deploy an advanced malware variant known as SPAWNCHIMERA.  This vulnerability, disclosed in January 2025, is a stack-based buffer overflow that allows remote unauthenticated…

Read more →

A critical security vulnerability has been identified in Windows’ Lightweight Directory Access Protocol (LDAP) implementation, allowing attackers to execute arbitrary code remotely. This “wormable” vulnerability, designated as CVE-2025-21376, was disclosed on February 11, 2025, by Microsoft. The vulnerability is classified…

Read more →

Microsoft Threat Intelligence has uncovered a new tactic employed by the North Korean state-sponsored hacking group Emerald Sleet, also known as Kimsuky or VELVET CHOLLIMA. The group is leveraging social engineering techniques to trick victims into running PowerShell commands as…

Read more →

A significant security vulnerability has been identified in Windows, allowing attackers to remotely delete targeted files on affected systems. This vulnerability, tracked as CVE-2025-21391, was disclosed on February 11, 2025, and is classified as an Elevation of Privilege vulnerability with…

Read more →

A sophisticated attack targeting Google’s Gemini Advanced chatbot.  The exploit leverages indirect prompt injection and delayed tool invocation to corrupt the AI’s long-term memory, allowing attackers to plant false information that persists across user sessions.  This vulnerability raises serious concerns…

Read more →

Ivanti has disclosed a critical vulnerability, CVE-2025-22467, impacting its Connect Secure (ICS) product.  This stack-based buffer overflow vulnerability, rated 9.9 (Critical) on the CVSS v3.1 scale, allows remote authenticated attackers to execute arbitrary code on affected systems.  The flaw is…

Read more →

In honor of Safer Internet Day, Google has announced a significant milestone in online security, more than 1 billion Chrome users are now safeguarded by the browser’s Enhanced Protection mode. This advanced security feature, introduced in 2020 as part of…

Read more →

Devolutions have disclosed critical vulnerabilities in its Remote Desktop Manager (RDM) software, which could allow attackers to intercept and modify encrypted communications through man-in-the-middle (MITM) attacks.  These flaws stem from improper certificate validation across all platforms and have been assigned…

Read more →

A significant security vulnerability, identified as CVE-2023-24932, has been discovered in Microsoft’s Secure Boot feature. This vulnerability allows attackers to bypass Secure Boot, potentially leading to the theft of admin credentials. The vulnerability was first disclosed on May 9, 2023,…

Read more →

Three critical vulnerabilities have been identified in the PAM-PKCS#11 module, a widely used Linux-PAM login module that facilitates X.509 certificate-based user authentication. These vulnerabilities, cataloged under CVE-2025-24032, CVE-2025-24531, and CVE-2025-24031, pose significant risks by allowing attackers to bypass authentication mechanisms,…

Read more →

The OpenSSL Project announced a high-severity vulnerability (CVE-2024-12797) affecting versions 3.2, 3.3, and 3.4 of the widely used cryptographic library. The vulnerability, discovered by Apple Inc. in December 2024, could potentially allow man-in-the-middle (MitM) attacks on TLS and DTLS connections…

Read more →

Microsoft released a security update as part of the February Patch Tuesday that addressed 61 vulnerabilities, including 25 classified as critical Remote Code Execution (RCE) vulnerabilities, including 3 zero-day vulnerabilities that were actively exploited in the wild. The update covers…

Read more →

Fortinet has issued an urgent warning about actively exploiting a new zero-day authentication bypass vulnerability (CVE-2025-24472) affecting its FortiOS and FortiProxy products. This critical flaw allows remote attackers to gain super-admin privileges by sending maliciously crafted CSF proxy requests. The…

Read more →

Fortinet has rolled out critical security updates to address a severe zero-day vulnerability (CVE-2025-24472) and multiple high-risk flaws across its product portfolio, including FortiOS, FortiProxy, FortiManager, and FortiAnalyzer.  Fortinet warns of a new zero-day flaw (CVE-2025-24472), which allows attackers to…

Read more →

Microsoft released a security update as part of the February Patch Tuesday that addressed 61 vulnerabilities, including 25 classified as critical Remote Code Execution (RCE) vulnerabilities, including 3 actively exploited in the wild. The update covers a wide range of…

Read more →

A security audit of Fortinet’s FortiOS VPN conducted by Akamai researcher Ben Barnea has uncovered multiple vulnerabilities that could enable attackers to launch denial-of-service (DoS) attacks and potentially execute remote code (RCE). The findings, responsibly disclosed to Fortinet, prompted a…

Read more →

Ivanti has issued critical updates for its Cloud Services Application (CSA) to address two significant vulnerabilities, one of which could allow attackers to execute arbitrary code remotely. The vulnerabilities, identified as CVE-2024-47908 and CVE-2024-11771, affect CSA versions 5.0.4 and earlier.…

Read more →

Fortinet has addressed a critical security flaw in its FortiOS Security Fabric that could allow authenticated administrators to elevate privileges to the super-admin level by connecting vulnerable devices to malicious upstream FortiGate systems. Tracked as an “incorrect privilege assignment” vulnerability,…

Read more →

Researchers have identified a surge in newly registered Valentine’s Day-themed domains, with threat actors leveraging terms like “love,” “gift,” and “Valentine” to orchestrate phishing, malware, and romance scams. This trend aligns with historical patterns where cybercriminals exploit seasonal events to…

Read more →

The UK government has imposed strict sanctions on ZSERVERS, a Russian-based cyber entity identified as a key enabler of global ransomware attacks. The sanctions target six members of the ZSERVERS network and its UK-based front company, XHOST Internet Solutions LP,…

Read more →

Advanced Persistent Threats (APTs) represent a significant challenge for cybersecurity, targeting critical organizations with stealth and precision. Traditional Network Intrusion Detection Systems (NIDS) often fail to detect these threats due to their sophisticated tactics. To address this, researchers Almuthanna Alageel…

Read more →

Check Point Software Technologies Ltd, a leading provider of cyber security solutions, has announced a strategic partnership with Wiz, a cloud security provider, to tackle the increasing challenges of securing hybrid cloud environments. This collaboration aims to bridge the gap…

Read more →

SAP has released 19 new Security Notes and two updates to existing patches in its February 2025 Security Patch Day, targeting high-risk vulnerabilities across its product suite. The updates include fixes for cross-site scripting (XSS), authentication bypasses, and authorization flaws…

Read more →

Discord has introduced a groundbreaking privacy feature called “Ignore.” This announcement coincides with Safer Internet Day 2025, celebrated globally on February 11, which emphasizes creating a safer and more responsible digital environment.  The inclusion of Ignore demonstrates Discord’s recognition of…

Read more →

In the ongoing battle between cybersecurity and AI, researchers have introduced a groundbreaking innovation, IllusionCAPTCHA, a CAPTCHA system that leverages visual illusions to differentiate between human users and AI bots. This novel approach aims to counter the increasing threat of…

Read more →

The USB Army Knife is a versatile red-teaming tool for penetration testers that emulates a USB Ethernet adapter for traffic capture, enables custom attack interfaces, and functions as covert storage all in one compact device. This multi-functional firmware combines a…

Read more →

SEOUL, South Korea’s National Intelligence Service (NIS) has raised concerns over the Chinese AI app DeepSeek, accusing it of “excessively” collecting personal data and posing national security risks.  The NIS issued an advisory urging government agencies to adopt stringent security…

Read more →

A sophisticated malware campaign dubbed “FinStealer” is actively targeting customers of a leading Indian bank through fraudulent mobile applications. The malware, identified as Trojan.rewardsteal/joxpk, employs advanced tactics to steal banking credentials and personal information from unsuspecting users. The malicious campaign…

Read more →

Progress has disclosed multiple critical security vulnerabilities affecting its LoadMaster product line, including the Multi-Tenant (MT) hypervisor.  These vulnerabilities, identified as CVE-2024-56131, CVE-2024-56132, CVE-2024-56133, CVE-2024-56134, and CVE-2024-56135, allow attackers to execute arbitrary system commands or access sensitive files.  While no…

Read more →

January 2025 marked a significant month in the ransomware landscape, with Akira emerging as the leading threat. According to recent reports, Akira was responsible for 72 attacks globally, highlighting its rapid rise in prominence. This surge in activity is part…

Read more →

Eric Council Jr., a 25-year-old from Athens, Alabama, pleaded guilty on February 10, 2025, to charges stemming from the January 2024 hacking of the U.S. Securities and Exchange Commission’s (SEC) social media account on X (formerly Twitter).  The breach involved…

Read more →

Researchers have shed light recently on the sophisticated tactics, techniques, and procedures (TTPs) employed by North Korean hackers. This comprehensive analysis, spanning nearly three years, focuses on targeted digital threats against civil society organizations (CSOs) in South Korea. The research…

Read more →

A recently discovered vulnerability in Ubuntu 22.04’s printing subsystem, specifically within the “ippusbxd” package, could have allowed attackers to execute arbitrary code on locked laptops. However, modern compiler features stepped in to mitigate the risk, preventing exploitation beyond a system…

Read more →

Apple has rolled out iOS 18.3.1 and iPadOS 18.3.1, addressing a Zero-day vulnerability exploited in targeted extremely sophisticated attacks by taking advantage of disabling the USB-restricted mode. Apple’s USB Restricted Mode is a security feature that prevents unauthorized access to data…

Read more →

In a significant breakthrough against global cybercrime, Thai authorities announced today the arrest of four European nationals linked to the notorious 8Base ransomware group. The operation, codenamed “Phobos Aetor,” culminated in the seizure of the group’s dark web infrastructure and…

Read more →

A critical security vulnerability, CVE-2024-52875, has been identified in GFI KerioControl firewalls, affecting versions 9.2.5 through 9.4.5. This flaw, which can be exploited for remote code execution (RCE), has already drawn significant attention from cybercriminals, with thousands of unpatched systems…

Read more →

A critical server-side request forgery (SSRF) vulnerability in Microsoft Power Platform’s SharePoint connector allowed attackers to harvest user credentials and impersonate victims across multiple services, including Power Apps, Power Automate, Copilot Studio, and Copilot 365. The patched flaw posed severe…

Read more →

Cybersecurity experts have observed a significant increase in the use of the NetSupport Remote Access Trojan (RAT) in recent months, a malicious tool that allows attackers to gain full control over compromised systems. This surge in activity has been linked…

Read more →