SystemRescue 11.03 Boots Up with a Powerful New Kernel and Updated Tools!
SystemRescue, the renowned open-source system recovery toolkit, announces the release of version 11.03. This iteration delivers crucial updates to the kernel and core utilities, further solidifying its...
View ArticleGoogle’s Vanir: A Powerful New Open-Source Tool for Supercharging Security...
In a move set to redefine security patch validation, Google announced the public availability of Vanir, an open-source tool designed to revolutionize how developers identify and address security...
View ArticleCVE-2024-12209 (CVSS 9.8): WP Umbrella Plugin Vulnerability Exposes 30,000...
A critical security vulnerability has been discovered in the popular WordPress plugin, WP Umbrella, which is used by over 30,000 websites. The flaw, identified as CVE-2024-12209 and assigned a CVSS......
View ArticleManjaro 24.2 “Yonada” Released: A Refined and Feature-Rich Update
Manjaro Linux, the acclaimed Arch-based distribution renowned for its user-centric approach, has announced the release of version 24.2, codenamed “Yonada.” This latest iteration delivers a compelling...
View ArticleFrom Cloud to Cash: “CP3O” Indicted in Multi-Million Dollar Cryptojacking...
In a recent press release, the U.S. Department of Justice announced the arrest of Charles O. Parks III, also known as “CP3O,” for orchestrating a sophisticated cryptojacking scheme. Parks exploited......
View ArticleDDoSecrets Unveils Massive “Library of Leaks” Search Engine with Millions of...
Distributed Denial of Secrets (DDoSecrets), the non-profit whistleblower organization is celebrating its sixth anniversary with the launch of a new public search engine: the Library of Leaks. This...
View ArticleUrgent Action Needed: ABB ASPECT Vulnerabilities Expose Buildings to...
ABB has issued a critical cyber security advisory for its ASPECT system, a building energy management platform. The advisory, released on December 5, 2024, details multiple vulnerabilities that could...
View ArticleUltralytics AI Library Hit by Supply Chain Attack: 60 Million Downloads...
Cybersecurity researchers at ReversingLabs have detailed a supply chain attack on the popular AI library, Ultralytics, which has over 60 million downloads on PyPI. The attack, disclosed on December...
View ArticleReport Exposes Cybercriminal Exploitation of High-Profile Events
Threat actors consistently exploit public interest in high-profile events to launch targeted campaigns, leveraging deceptive domains, phishing schemes, and malicious traffic. According to a detailed...
View ArticleThe Rise of Mac Malware: 2024 Threat Report Reveals Alarming Trends
For years, macOS enjoyed a reputation as a secure platform, relatively untouched by malware. However, a 60% surge in macOS market share over the past three years has made it... The post The Rise of Mac...
View ArticleGoogle Fixes Critical RCE Vulnerabilities in December 2024 Pixel Security Update
Google has rolled out its December 2024 security update for Pixel devices, addressing a total of 28 vulnerabilities, including two critical remote code execution (RCE) flaws in the Cellular baseband......
View ArticleQNAP Addresses High Severity Vulnerabilities in License Center and Operating...
QNAP, a leading provider of network-attached storage (NAS) solutions, has issued a security advisory addressing multiple vulnerabilities affecting its License Center and QTS/QuTS hero operating...
View ArticleMauri Ransomware Exploits Apache ActiveMQ Flaw (CVE-2023-46604)
The AhnLab Security Intelligence Response Center (ASEC) has revealed that threat actors exploiting a critical vulnerability in Apache ActiveMQ, identified as CVE-2023-46604, have begun deploying Mauri...
View ArticleWindows Zero-Day Vulnerability CVE-2024-38193 Exploited in the Wild: PoC...
A critical use-after-free vulnerability, identified as CVE-2024-38193, has been discovered in the afd.sys Windows driver. This vulnerability, with a CVSS score of 7.8, poses a significant threat to...
View ArticleActivation Context Hijacking: “Eclipse” PoC Weaponizes Trusted Processes
Kurosh Dabbagh Escalante, a Red Team Operator at BlackArrow, has introduced Eclipse, a proof-of-concept (PoC) tool designed to exploit Activation Context hijacking. By leveraging a technique known as...
View ArticleCVE-2024-55563: Transaction-Relay Jamming Vulnerability Poses Threat to...
A recently disclosed vulnerability, identified as CVE-2024-55563, has revealed a critical security risk within the Bitcoin network’s transaction-relay mechanism, with potential implications for the...
View ArticleCVE-2024-55579 & CVE-2024-55580: Qlik Sense Users Face Serious Security Risk
Qlik, a leading provider of business intelligence and data analytics platforms, has disclosed two vulnerabilities affecting Qlik Sense Enterprise for Windows. These vulnerabilities, identified as...
View ArticleMeeten Malware: AI-Powered Cyber Campaign Targets Web3 Professionals
Cado Security Labs has uncovered a highly sophisticated cyber campaign targeting professionals in the Web3 space. At the heart of this campaign lies the Meeten malware, a cross-platform information...
View ArticleSpyNote RAT Targets High-Value Individuals in Southern Asia
Cybersecurity researchers at CYFIRMA have uncovered a sophisticated cyberattack targeting high-value individuals in Southern Asia. Leveraging the SpyNote Remote Administration Tool (RAT), an unknown...
View ArticleLinux 6.13 Streamlines EFI Zboot: Gzip & Zstd Take Center Stage
The Linux kernel development community is set to introduce a significant optimization to the EFI Zboot implementation in the upcoming 6.13 release. This enhancement focuses on streamlining the...
View Article