CVE-2023-52424: New WiFi Flaw Leaves All Devices Vulnerable to ‘SSID...
A recently discovered vulnerability in the WiFi standard has revealed significant security risks, allowing attackers to mislead users into connecting to insecure networks. This vulnerability,...
View ArticleHPE Aruba Networking Patches Critical Vulnerabilities in Access Points
HPE Aruba Networking has issued an urgent security advisory, urging customers to patch their Aruba Access Points running InstantOS and ArubaOS 10 due to the discovery of multiple critical...
View ArticleCVE-2024-32741 (CVSS 10): Siemens SIMATIC CN 4100 Critical Vulnerability Exposed
Siemens, a global industrial automation leader, has issued a critical security advisory for its SIMATIC CN 4100 communication node, warning of severe vulnerabilities that could expose industrial...
View ArticleMillions of IoT Devices Vulnerable After Researchers Uncover Flaws in...
Recently, Bitdefender IoT researchers revealed four critical vulnerabilities in ThroughTek’s Kalay platform, a cornerstone of the IoT ecosystem. This platform powers over 100 million devices worldwide,...
View ArticleStorm-1811 Exploits Quick Assist for Social Engineering, Paving Way for Black...
Microsoft Threat Intelligence has uncovered a sophisticated ransomware campaign orchestrated by the cybercriminal group Storm-1811. This nefarious scheme involves a novel tactic of exploiting...
View ArticleCVE-2024-4947: New Chrome 0-Day Vulnerability Under Active Exploitation
Google has issued an urgent security update for its Chrome web browser, responding to a newly discovered “zero-day” vulnerability that is actively being exploited by malicious actors. This serious...
View ArticleNew Malvertising Campaign Leads to Ransomware Through Trojanized Installers...
Cybersecurity firm Rapid7 has uncovered a widespread malvertising campaign that is actively targeting individuals searching for popular utilities like WinSCP and PuTTY. This sophisticated attack uses...
View ArticleFrom Invoice to Infection: Darkgate’s Phishing Campaign Exposed
Forcepoint’s X-Labs research team has uncovered a sophisticated and stealthy phishing campaign orchestrated by the notorious Darkgate malware. This report reveals the intricate details of the campaign,...
View ArticleRussia-Linked Threat Actors Continue to Target Critical Infrastructure
In the relentless landscape of cyber warfare, the prowess of Russia-linked Advanced Persistent Threat (APT) groups continues to evolve, posing a significant threat to Operational Technology (OT)...
View ArticleFroxlor Web Hosting Control Panel Vulnerable to Remote Compromise...
A critical vulnerability (CVE-2024-34070) has been discovered in Froxlor, a popular open-source web hosting control panel. This flaw, rated 9.7 on the CVSS severity scale, could allow an...
View ArticleBeware of Instagram Influencer Scams: McAfee Labs Exposes New Threat
Instagram, a social media giant with over a billion users, has become a fertile ground for scammers and fraudsters. Leveraging the platform’s influencer program, these cybercriminals employ various...
View ArticleGit Patches Critical RCE Vulnerabilities – CVE-2024-32002 & CVE-2024-32004
The Git project, a cornerstone of software development, has recently addressed a series of critical security vulnerabilities that could expose users to remote code execution (CVE-2024-32002,...
View ArticleCVE-2024-4984: Yoast SEO Flaw Exposes Millions of WordPress Sites to Attack
Yoast SEO, the widely used WordPress plugin with over 5 million active installations, has been found vulnerable to a Stored Cross-Site Scripting (XSS) flaw. This vulnerability, tracked as...
View ArticleUrgent Security Alert for Siemens Fire Protection Systems: Critical...
Siemens, a leading provider of fire safety solutions, has issued a critical security advisory warning of severe vulnerabilities in its Cerberus PRO UL and Desigo Fire Safety UL systems. These...
View ArticleCISA Alerts on Active Exploitation of Flaws in D-Link Routers and Chromium...
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued a critical warning to federal agencies and the wider public about three security vulnerabilities currently being exploited by...
View ArticlePhishing Campaign Bypasses MFA to Target Meta Business Accounts, Putting...
Cybersecurity firm Cofense has exposed a sophisticated phishing campaign that is actively targeting Meta business accounts worldwide. This elaborate scheme, leveraging a comprehensive toolkit and...
View ArticleThreat Actors Exploit GitHub to Spread Malware, Targeting Multiple Operating...
Recorded Future’s Insikt Group has uncovered a significant cyber threat campaign attributed to Russian-speaking threat actors, likely based in the Commonwealth of Independent States (CIS). The campaign...
View ArticleCVE-2024-34716: Critical Security Vulnerability Uncovered in PrestaShop
The PrestaShop project, a leading open-source e-commerce platform powering over 300,000 web stores globally since 2007, has recently issued a security advisory revealing two significant...
View ArticleTransparent Tribe & SideCopy: A Dangerous Cyber Alliance Targeting India
In a recent analysis, Cyble Research and Intelligence Labs (CRIL) has uncovered alarming developments involving two Advanced Persistent Threat (APT) groups, Transparent Tribe (APT36) and SideCopy....
View ArticleCVE-2024-32888 (CVSS 10): SQLi Vulnerability Discovered in Amazon Redshift...
A critical SQL injection vulnerability (CVE-2024-32888) has been discovered in the Amazon JDBC Driver for Redshift, a widely-used tool for connecting Java applications to Amazon’s Redshift data...
View Article