Solana Web3.js Library Compromised in Targeted Supply Chain Attack
A sophisticated supply chain attack has been identified within the widely-used @solana/web3.js JavaScript library, potentially jeopardizing the security of numerous developers and users within the...
View ArticlePoC Exploit Releases for Critical Zabbix Vulnerability – CVE-2024-42327 (CVSS...
Security researcher Alejandro Ramos has published a detailed technical analysis and proof-of-concept (PoC) exploit code for CVE-2024-42327, a critical SQL injection vulnerability affecting Zabbix, a...
View ArticleMicrosoft Emphasizes TPM 2.0 as a “Necessity” for Secure Windows 11 Deployment
In a recent blog post, Microsoft reiterated the importance of Trusted Platform Module (TPM) 2.0 for Windows 11 security, calling it a “necessity” for a secure and future-proof Windows 11... The post...
View ArticleI-O DATA Routers Under Attack: Urgent Firmware Update Needed!
Multiple vulnerabilities have been discovered in I-O DATA routers UD-LT1 and UD-LT1/EX, and active exploitation is already underway. JPCERT/CC, a Japanese cybersecurity organization, issued a warning...
View ArticleCrypto.com Launches $2 Million Bug Bounty Program with HackerOne
Crypto.com, a leading cryptocurrency platform with over 100 million users worldwide, has announced a significant upgrade to its bug bounty program in partnership with HackerOne. This move reinforces...
View ArticleRECOPE, Costa Rica’s State-Owned Energy Provider, Grapples with Ransomware...
Refinadora Costarricense de Petróleo (RECOPE), the state-owned entity responsible for Costa Rica’s fuel supply chain, has been targeted by a ransomware attack, impacting operations and raising concerns...
View ArticleDMM Bitcoin Ceases Operations Following $300 Million Cyberattack, Attributed...
DMM Bitcoin, a leading Japanese cryptocurrency exchange, has announced its impending closure following a major cybersecurity incident. The exchange fell victim to a sophisticated cyberattack on May...
View ArticleCyberattack Compromises Marin City Housing Project, $950,000 in Public Funds...
A significant cybersecurity incident has impacted the Golden Gate Village housing project in Marin City, resulting in the theft of $950,000 of public funds allocated for critical renovations. The...
View ArticleBeware of Celestial Stealer: New MaaS Targets Browsers and Crypto Wallets
A new report from Trellix Advanced Research Center has exposed the inner workings of Celestial Stealer, a sophisticated Malware-as-a-Service (MaaS) platform targeting developers, gamers, and...
View ArticlePhishing Frenzy: Cloudflare Domains Exploited in Latest Attacks
A new report from cybersecurity firm Fortra has revealed a dramatic increase in the abuse of Cloudflare’s pages.dev and workers.dev domains for phishing attacks. This abuse capitalizes on Cloudflare’s...
View ArticleAkira v2 Emerges: Rust-Based Ransomware Raises the Stakes
The Akira ransomware took a significant leap earlier this year with the introduction of a new Rust-based variant, according to a detailed analysis from Check Point Research (CPR). This version,... The...
View ArticleNew Andromeda/Gamarue Command-and-Control Cluster Targets APAC Industries
In a recent report, the Cybereason Security Services Team unveiled the discovery of a new cluster of Command-and-Control (C2) servers linked to the infamous Andromeda (aka Gamarue) malware family....
View ArticleNCA’s Operation Destabilise: Dismantling a Global Money Laundering Network
The National Crime Agency (NCA) has concluded Operation Destabilise, a complex international investigation that successfully disrupted a sophisticated Russian-led money laundering network operating on...
View ArticlePayroll Pirates: Unveiling the Sophisticated Payroll Redirection Phishing...
Silent Push Threat Analysts have uncovered a large-scale phishing operation dubbed the “Payroll Pirates,” which leverages sophisticated techniques to target employees’ payroll information. This...
View ArticleFBI Warns of Generative AI’s Role in Amplifying Fraud Schemes
The Federal Bureau of Investigation (FBI) has issued a public warning about the growing use of generative artificial intelligence (AI) by criminals to enhance their fraud schemes. This technology,...
View ArticleExploit Code Available: Critical Flaw Found in WhatsUp Gold- CVE-2024-8785...
Tenable’s latest vulnerability analysis has exposed a critical flaw, CVE-2024-8785, in WhatsUp Gold versions prior to 24.0.1. Rated with a CVSS score of 9.8, this vulnerability allows unauthenticated...
View ArticleCVE-2024-51378 (CVSS 10): Critical CyberPanel Flaw Under Active Attack, CISA...
The Cybersecurity and Infrastructure Security Agency (CISA) has warned about a critical vulnerability in CyberPanel, an open-source web hosting control panel. This flaw, tracked as CVE-2024-51378, is...
View ArticleFuji Electric Indonesia Suffers Ransomware Attack: Business Partner Data...
Fuji Electric Co., Ltd. has disclosed a ransomware attack targeting its wholly-owned subsidiary, Fuji Electric Indonesia (FEID). The incident, which occurred in late November 2024, rendered several PCs...
View ArticleCVE-2024-10905 (CVSS 10): Critical Vulnerability in SailPoint IdentityIQ...
A critical vulnerability has been discovered in SailPoint IdentityIQ, a widely used identity and access management (IAM) platform. This flaw, tracked as CVE-2024-10905, has been assigned a CVSS score...
View ArticleFive Flaws in Lorex 2K Security Cameras Enable Hackers to Take Full Control,...
Rapid7’s latest research reveals a series of critical vulnerabilities in the Lorex 2K Indoor Wi-Fi Security Camera, raising significant concerns for consumer security. The vulnerabilities, identified...
View Article