French Police Crack Down on $14.4 Million Holograph Hack
French authorities have arrested several suspects in connection with the devastating hacking attack on the Holograph platform, which resulted in the theft of tokens worth $14.4 million. The...
CVE-2024-7646: A Threat to Kubernetes Clusters Running ingress-nginx
A newly discovered security vulnerability, CVE-2024-7646, has been identified in the widely used ingress-nginx controller for Kubernetes, posing a severe threat to multi-tenant environments. With a...
Beware of Fake PoC Exploits for 0-Click RCE CVE-2024-38063 on GitHub
Security researchers have discovered a series of fake proof-of-concept (PoC) exploit codes for the critical CVE-2024-38063 vulnerability affecting Windows systems. These fraudulent exploits, which have...
Debian 11 ‘Bullseye’ Enters LTS: What You Need to Know
Debian 11, codenamed Bullseye and released on August 14, 2021, has now reached the end of its three-year regular security support period. Consequently, the Debian LTS team has taken over...
HookChain: The Technique That Bypass Exposes EDR in 94% of Security Solutions
In an ever-evolving cybersecurity landscape, where threats are becoming more sophisticated by the day, the focus on Endpoint Detection and Response (EDR) systems has never been more critical. However,...
Chrome for Android to Blur Sensitive Data in Screen Captures
Google is set to enhance the security of its Chrome browser on Android by introducing a new feature designed to obscure sensitive information during screen recording, screen sharing, and similar...
Cyberattack Cripples Unicoin: Employees Locked Out
The cryptocurrency company Unicoin recently suffered a major cyberattack, resulting in the company’s employees losing corporate access for a full four days. The incident occurred on August 9, when...
PrestaShop Websites Under Attack: GTAG Websocket Skimmer Steals Credit Card Data
Security researchers at Sucuri have discovered a new credit card skimmer exploiting a vulnerability in PrestaShop websites. This sophisticated attack uses a WebSocket connection to pilfer sensitive...
New Infostealer “Ailurophile” Discovered, Poses Significant Risk to User Privacy
A new information-stealing malware dubbed “Ailurophile” has been discovered by cybersecurity researchers at G DATA. This PHP-based stealer, suspected to have Vietnamese origins, is being sold on a...
Backdoor discovered in MIFARE classic compatible cards
In a significant revelation, cybersecurity researchers have uncovered critical vulnerabilities in a new variant of the widely used MIFARE Classic smart cards. Despite years of updates and security...
F5 Issues Security Advisories for NGINX Plus (CVE-2024-39792) & BIG-IP Next...
F5, a prominent provider of application delivery and security solutions, has recently released security advisories addressing vulnerabilities in two of its products: NGINX Plus and BIG-IP Next Central...
The Truth Behind the National Public Data (NPD) Breach
In July, one of the largest data breaches in history occurred, involving the company National Public Data (NPD). The incident garnered widespread media attention and became the subject of a...
Qilin Ransomware Group’s Latest Victims: From Schools to Municipalities
Recently, the nonprofit organization Promises2Kids, dedicated to supporting children in San Diego, California, USA, fell victim to an attack by the Qilin hacker group, notorious for spreading...
CVE-2024-5932 (CVSS 10): Critical RCE Vulnerability Impacts 100k+ WordPress...
A critical security flaw (CVE-2024-5932) in the popular GiveWP WordPress plugin has left over 100,000 websites vulnerable to remote code execution and unauthorized file deletion. This vulnerability,...
NetSuite Data Exposure: Thousands of Sites Vulnerable to Unauthenticated Access
A significant vulnerability has been discovered in Oracle NetSuite’s cloud-based business management platform, which could lead to the exposure of sensitive customer data from thousands of e-commerce...
PoC Exploit for Windows 0-Day Flaws CVE-2024-38202 and CVE-2024-21302 Released
Researchers have published the technical details and proof-of-concept (PoC) exploit code for two critical zero-day vulnerabilities in Windows, tracked as CVE-2024-38202 and CVE-2024-21302. These...
Raspberry Pi Foundation Launches More Affordable 2GB Pi 5
In 2023, the single-board computer manufacturer Raspberry Pi launched the Raspberry Pi 5, a device that comes with 4GB of memory by default, though an 8GB version is also available....
Lazarus Group Exploits Microsoft Zero-Days CVE-2024-38193, Patch Urgently
Last week, Microsoft addressed multiple high-severity security vulnerabilities in its security updates, some of which have already been exploited by hackers. For instance, the CVE-2024-38193 (CVSS 7.8)...
CVE-2024-43202: RCE Vulnerability Discovered in Apache DolphinScheduler
The Apache DolphinScheduler project, renowned for its streamlined approach to data orchestration, has issued a critical security advisory warning users of a remote code execution (RCE) vulnerability....
TA453 Deploys New BlackSmith Malware Toolset in Phishing Attack on Religious...
Cybersecurity firm Proofpoint has uncovered a new phishing campaign by the Iranian-backed threat actor TA453 (aka Charming Kitten, Mint Sandstorm, APT42). In this campaign, TA453 impersonated the...