Unseen Msupedge Malware Exploits PHP Flaw CVE-2024-4577 in Taiwanese...
A new and sophisticated backdoor, dubbed Backdoor.Msupedge, has been identified in a recent cyberattack targeting a university in Taiwan. Symantec’s security researchers have uncovered this previously...
View ArticleAMD Extends Security Patch for RYZEN 3000, Addressing Critical SMM Vulnerability
Earlier, security researchers discovered a critical vulnerability (CVE-2023-31315, CVSS 7.5) in AMD processors, located within the System Management Mode (SMM) of the processor, which allows attackers...
View ArticleBlindEagle APT Group: A Persistent Threat in Latin America
Kaspersky Labs has issued a warning about BlindEagle, also known as APT-C-36, a persistent threat actor known for its targeted attacks in Latin America. Despite employing relatively simple techniques,...
View ArticleCongress Scrutinizes TP-Link Routers Over Cybersecurity Concerns
Two members of Congress have urged the U.S. Department of Commerce to investigate the cybersecurity risks associated with Wi-Fi routers manufactured by the Chinese company TP-Link Technologies, and...
View ArticleTelegram Banned in Amsterdam: Cybercrime Concerns Trigger Action
The authorities in Amsterdam have imposed a ban on the use of the Telegram messenger on the work phones of municipal employees. This was reported by the Dutch radio station... The post Telegram Banned...
View ArticleCVE-2024-38810: Spring Security Flaw Leaves Applications Open to Unauthorized...
A high-severity vulnerability (CVE-2024-38810) has been discovered in Spring Security, potentially allowing unauthorized access to sensitive data within affected applications. The vulnerability impacts...
View ArticleTrojanized MSIX Installers: NUMOZYLOD Malware Exploits Popular Software
Cybersecurity researchers have observed a sharp increase in infections associated with a malware distribution campaign that employs a loader known as NUMOZYLOD. According to Mandiant cybersecurity...
View ArticleCVE-2024-7272: Critical Heap Overflow Vulnerability Discovered in FFmpeg, PoC...
A critical security vulnerability, identified as CVE-2024-7272, has been uncovered in FFmpeg, the world’s leading multimedia framework renowned for its ability to decode, encode, and stream nearly any...
View ArticleCVE-2024-21689: RCE Vulnerability in Atlassian Bamboo Data Center and Server
Atlassian, a global leader in software development tools, has issued a security advisory for its Bamboo Data Center and Server products, highlighting a high-severity Remote Code Execution (RCE)...
View ArticleResearcher Details Microsoft Outlook Zero-Click Vulnerability (CVE-2024-38021)
Morphisec researchers have detailed a critical vulnerability in Microsoft Outlook, identified as CVE-2024-38021, which has the potential to allow remote attackers to execute arbitrary code on...
View ArticleCVE-2024-6800 (CVSS 9.5): Critical GitHub Enterprise Server Flaw Patched,...
GitHub, the world’s leading software development platform, has recently disclosed multiple security vulnerabilities in GitHub Enterprise Server (GHES) that could have allowed attackers to gain...
View ArticleAzure Kubernetes Services at Risk: “WireServing” Threat Revealed
A newly discovered vulnerability in Azure Kubernetes Services (AKS) has been revealed by Mandiant, a leading cybersecurity firm. The vulnerability, dubbed “WireServing,” could have allowed attackers to...
View ArticleNew Phishing Campaigns Exploit PWAs and WebAPKs to Target Mobile Banking Users
A recent report from ESET reveals a sophisticated series of phishing campaigns targeting mobile banking users across Czechia and beyond. These campaigns leverage the cross-platform capabilities of...
View ArticleCritical Infrastructure at Risk: BVIEC Confirms Cyberattack
The British Virgin Islands Electric Corporation (BVIEC) has encountered severe challenges after falling victim to a cyberattack, as officially announced on Monday, August 19th. This attack affected...
View ArticleNorth Korean Hackers Upgrade Arsenal with MoonPeak RAT
In a recent disclosure, cybersecurity researchers at Cisco Talos have uncovered a newly developed Remote Access Trojan (RAT) named “MoonPeak,” attributed to a North Korean nexus cluster identified as...
View ArticleCVE-2024-28000 (CVSS 9.8): Active Exploitation of Litespeed Cache...
A critical security vulnerability (CVE-2024-28000, CVSS 9.8) in the widely-used Litespeed Cache plugin for WordPress has been disclosed, leaving over 5 million websites at risk of complete takeover....
View ArticleMicrosoft, Linux, Dahua Flaws Exploited: CISA Warns
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent alert, adding four critical security vulnerabilities impacting Microsoft Exchange Server, the Linux kernel, and...
View ArticleStyx Stealer: The Evolved Threat to Your Crypto and Data
Recently, Check Point Research (CPR) discovered a new malware variant, Styx Stealer. Derived from the notorious Phemedrone Stealer, Styx was being sold via subscription with advanced capabilities such...
View ArticleUrgent Chrome Update: Active Zero-Day Exploit Detected (CVE-2024-7971)
Google has released an urgent Chrome update (version 128.0.6613.84/85) in response to an actively exploited zero-day vulnerability (CVE-2024-7971). This vulnerability, categorized as a type confusion...
View ArticleBeyond the Ransom: Inside the Mind of Brain Cipher Ransomware Group
Indonesian government agencies have fallen victim to a large-scale cyberattack orchestrated by the Brain Cipher ransomware group. On June 20, 2024, hackers dealt a severe blow to the country’s...
View Article