Centreon Issues Critical Security Update: SQL Injection Vulnerabilities...
Centreon, a widely-used open-source monitoring solution, has issued a critical security bulletin addressing multiple SQL injection vulnerabilities in its Centreon Web interface. These vulnerabilities,...
View ArticleFirefox Klar’s Quiet Change: Adjust Removed Amidst Privacy Concerns
Mozilla has removed the integration with Adjust from its Firefox and Firefox Klar (Firefox Focus) browsers for Android and iOS. The Adjust SDK was used to measure the effectiveness of... The post...
View ArticleDigital Wallets: Unveiling Critical Security Risks
A group of security researchers has uncovered vulnerabilities in Apple Pay, Google Pay, and PayPal systems, which allow stolen and canceled payment cards to be used for transactions. The findings......
View ArticleIranian Hackers Target US Politicians on Meta Platforms
Meta, the company that owns the popular social networks Facebook, Instagram, and the messaging service WhatsApp, has uncovered attempts to hack the accounts of American officials. The hackers targeted...
View ArticleGoogle Chrome Faces Double Blow with New Zero-Day Flaw Exploits:...
In a significant update to its security advisory, Google has confirmed that CVE-2024-7965, a high-severity zero-day vulnerability in the Chrome browser, has been actively exploited in the wild. This...
View ArticleExploitation of URL Rewriting: A New Phishing Paradigm Threatens Cybersecurity
Perception Point security researchers have recently uncovered a disturbing trend in phishing attacks: the exploitation of URL rewriting features, a mechanism designed to protect users, is now being...
View ArticleCVE-2024-6386 (CVSS 9.9) in WPML Plugin Exposes Millions of WordPress Sites...
A severe security flaw (CVE-2024-6386, CVSS 9.9) has been discovered in the widely-used WPML plugin for WordPress, potentially exposing over one million websites to the risk of complete takeover....
View ArticlePidgin Users Beware! Malicious Plugin Discovered with Keylogger
In a recent and alarming development, the popular messaging client Pidgin has removed a third-party plugin, “ss-otr,” from its plugin list after it was discovered to contain a malicious keylogger.......
View ArticleZero-Click Windows RCE Threat: Researcher Publishes PoC Exploit for...
In a significant development for cybersecurity professionals, security researcher Ynwarcs has published an in-depth analysis and proof-of-concept (PoC) exploit code for a critical zero-click...
View ArticleCVE-2024-42531 (CVSS 9.8): Ezviz Camera Flaw Exposes Live Feeds to...
A critical vulnerability, identified as CVE-2024-42531 and rated with a CVSS score of 9.8 (Critical), has been discovered in the Ezviz Internet PT Camera CS-CV246. This flaw enables unauthorized...
View ArticleArgentina Busts Crypto Ring Linked to North Korea, Seizes Millions
In Argentina, the police have uncovered an illegal financial organization engaged in the exchange of fiat and cryptocurrencies, which may be connected to North Korean hackers. The organization was...
View ArticleCVE-2024-31214 & CVE-2024-24809: Traccar Users Urged to Update Immediately
Two critical vulnerabilities have been discovered in the popular GPS tracking system Traccar, which is used for both personal and corporate applications. The vulnerabilities, identified as...
View ArticleLinux Leaps to Record 4.44% Market Share: Open-Source OS Hits All-Time High...
Recent data from StatCounter indicates that Linux’s market share has ascended to an unprecedented 4.44% in July. This marks a substantial increase from the 3.12% recorded during the corresponding...
View ArticleChinese Hackers Deploy VersaMem Web Shell via Versa Director Zero-Day...
Black Lotus Labs, a threat intelligence team within Lumen Technologies, has uncovered the active exploitation of a zero-day vulnerability in Versa Director servers, identified as CVE-2024-39717. This...
View ArticleCISA Warns of Actively Exploited Apache OFBiz CVE-2024-38856 Vulnerability,...
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent warning about an actively exploited security flaw in Apache OFBiz, a popular open-source enterprise resource...
View ArticleSonicWall Warns: New Malware Targets Gmail
A new AutoIT-compiled executable has been spotted in the wild targeting Gmail accounts, according to a recent analysis by the SonicWall Capture Labs threat research team. The malware, originally...
View ArticleBling Libra’s Tactical Evolution: Exploiting Cloud Misconfigurations for...
Cybersecurity researchers at Unit 42 have uncovered a concerning shift in the tactics employed by the notorious threat actor group, Bling Libra. Previously recognized for their involvement in...
View ArticleSymantec Exposes Widespread Mobile App Privacy Risks: Popular Apps Leak...
In an era where mobile devices have become the primary tool for accessing personal and professional information, the security of mobile apps is paramount. Yet, a recent report from Symantec... The post...
View ArticleCVE-2024-7988 (CVSS 9.8): Rockwell Automation’s ThinManager Flaw Allows RCE
Rockwell Automation has issued a critical security advisory concerning multiple vulnerabilities discovered in its ThinManager ThinServer software. These vulnerabilities, reported by Nicholas Zubrisky...
View ArticlemacOS Backdoor “HZ Rat” Targets Users of DingTalk and WeChat
Kaspersky Labs has uncovered a new macOS backdoor malware called “HZ Rat” that is specifically targeting users of popular Chinese communication platforms, DingTalk and WeChat. This marks a significant...
View Article