VenomRAT Malware Delivered via Virtual Hard Disk Images
Threat actors are constantly evolving their methods to slip past security measures and deliver malware. A recent report The post VenomRAT Malware Delivered via Virtual Hard Disk Images appeared first...
View ArticleIBM AIX Security Breach: CVE-2024-56346 (CVSS 10) & CVE-2024-56347 Explained
IBM has released a security bulletin detailing critical vulnerabilities in AIX that could allow remote attackers to execute The post IBM AIX Security Breach: CVE-2024-56346 (CVSS 10) &...
View ArticleRust Beacon Deploys Cobalt Strike in South Korean Cyber Intrusion Campaign
Hunt researchers have uncovered a cyber intrusion campaign targeting South Korean organizations, utilizing a sophisticated combination of tools The post Rust Beacon Deploys Cobalt Strike in South...
View ArticleNew “Arcane Stealer” Malware Targets Gamers Through YouTube Cheats
A new and sophisticated stealer malware named “Arcane” is targeting gamers byDistribution through YouTube videos promoting game cheats, The post New “Arcane Stealer” Malware Targets Gamers Through...
View ArticleCritical WordPress Plugin Vulnerability Exposes Over 40,000 Websites to Code...
A critical security vulnerability has been discovered in the popular Age Gate plugin for WordPress, potentially exposing over The post Critical WordPress Plugin Vulnerability Exposes Over 40,000...
View ArticleWeb Shell to Ransomware: New VMware Attack Vector Exposed by Sygnia
Cybersecurity researchers at Sygnia have uncovered a new attack method that exploits recent VMware vulnerabilities (CVE-2025-22224, CVE-2025-22225, and The post Web Shell to Ransomware: New VMware...
View ArticleSpring Security Updates Address Authorization Bypass and Password Length...
Spring, a widely used framework for Java-based applications, has disclosed two significant security vulnerabilities that could lead to The post Spring Security Updates Address Authorization Bypass and...
View ArticleCVE-2024-10442: Synology Replication Service Vulnerability Scores Maximum...
Synology has released updated security advisories detailing a critical vulnerability in its Replication Service. The vulnerability allows remote The post CVE-2024-10442: Synology Replication Service...
View ArticleDragon RaaS: Pro-Russian Hacktivist Group Walks the Razor’s Edge Between...
A new Ransomware-as-a-Service (RaaS) player is carving out its niche in the ever-evolving threat landscape. Known as Dragon The post Dragon RaaS: Pro-Russian Hacktivist Group Walks the Razor’s Edge...
View ArticleCritical Security Flaw in ArcGIS Enterprise Exposes Admin Accounts to Remote...
Esri has disclosed a critical vulnerability in its ArcGIS Enterprise platform that could allow attackers to hijack built-in The post Critical Security Flaw in ArcGIS Enterprise Exposes Admin Accounts...
View ArticleRansomHub Deploys Custom Backdoor ‘Betruger’ in Targeted Ransomware Attacks
A new report from Symantec Threat Hunter Team reveals that at least one affiliate of the RansomHub ransomware-as-a-service The post RansomHub Deploys Custom Backdoor ‘Betruger’ in Targeted Ransomware...
View ArticleEuropol Cracks Down on €6.7M Hearing Aid Fraud Scheme Exploiting French...
In a high-impact cross-border operation, Europol has dismantled a criminal network responsible for a massive €6.7 million healthcare The post Europol Cracks Down on €6.7M Hearing Aid Fraud Scheme...
View ArticleCVE-2025-1758: Critical Buffer Overflow in Kemp LoadMaster Opens Door to...
A high-severity vulnerability has been identified in Progress Software’s Kemp LoadMaster, a popular application delivery controller (ADC) and The post CVE-2025-1758: Critical Buffer Overflow in Kemp...
View ArticleCVE-2025-27888: Apache Druid Flaw Opens Door to SSRF and XSS Risks in...
Apache has disclosed a critical security vulnerability in Apache Druid, a real-time analytics database widely used for powering The post CVE-2025-27888: Apache Druid Flaw Opens Door to SSRF and XSS...
View ArticleFake Cloudflare Verification Prompts Deliver LummaStealer Trojan Through...
A widespread malware campaign is abusing fake Cloudflare verification prompts to trick users into running malicious PowerShell commands The post Fake Cloudflare Verification Prompts Deliver...
View ArticleOperation Zero Offers Millions for Telegram Zero-Click Exploits
The Russian vulnerability broker, Operation Zero, is a company specializing in the acquisition and sale of security vulnerabilities—whether The post Operation Zero Offers Millions for Telegram...
View ArticleABYSSWORKER: The EDR-Killing Driver Lurking in the Shadows
Elastic Security Labs has been closely monitoring a financially motivated campaign leveraging MEDUSA ransomware, delivered through a HEARTCRYPT-packed The post ABYSSWORKER: The EDR-Killing Driver...
View ArticleNuxt Users Beware: CVE-2025-27415 Opens the Door to Cache Poisoning Attacks
A newly discovered vulnerability in the popular Nuxt framework could allow attackers to poison CDN caches and disrupt The post Nuxt Users Beware: CVE-2025-27415 Opens the Door to Cache Poisoning...
View ArticleAMOS Stealer Reloaded: Inside a Fully Undetected macOS Data Heist
macOS users, beware. A new, fully undetected (FUD) version of the AMOS Stealer is out in the wild The post AMOS Stealer Reloaded: Inside a Fully Undetected macOS Data Heist appeared first on...
View ArticleCritical Remote Code Execution Vulnerability in vLLM via Mooncake Integration
vLLM, a popular library for Large Language Model (LLM) inference and serving, has recently addressed a critical security The post Critical Remote Code Execution Vulnerability in vLLM via Mooncake...
View Article