Hackers Exploit Social Security Administration Branding to Deliver...
In a concerning escalation of phishing tactics, hackers are spoofing the United States Social Security Administration (SSA) to The post Hackers Exploit Social Security Administration Branding to...
View ArticleMalicious Packages Weaponize OAST for Stealthy Data Exfiltration and...
Researchers at Socket have uncovered a series of malicious campaigns exploiting Out-of-Band Application Security Testing (OAST) techniques. Traditionally The post Malicious Packages Weaponize OAST for...
View ArticleGoCD Patches Critical Vulnerability Allowing User Privilege Escalation
Open-source CI/CD platform GoCD has released an urgent security update to address a critical vulnerability, CVE-2024-56320 (CVSS 9.4), The post GoCD Patches Critical Vulnerability Allowing User...
View ArticleCryptBot Infostealer Returns with Sophisticated Tactics for Initial Access
CryptBot, an information-stealing malware first detected in 2019, has resurfaced with advanced tactics to target unsuspecting victims. In The post CryptBot Infostealer Returns with Sophisticated...
View ArticleNonEuclid RAT—A Sophisticated Tool in the Cybercrime Arsenal
The NonEuclid Remote Access Trojan (RAT), detailed in a report by CYFIRMA, represents a significant evolution in malware The post NonEuclid RAT—A Sophisticated Tool in the Cybercrime Arsenal appeared...
View ArticleCVE-2024-9138 and CVE-2024-9140 (CVSS 9.8): Moxa Calls for Immediate Security...
Moxa, a leading provider of industrial networking and communication solutions, has issued a security advisory warning of two The post CVE-2024-9138 and CVE-2024-9140 (CVSS 9.8): Moxa Calls for...
View ArticleCVE-2024-43452: PoC Exploit Released for Windows Elevation of Privilege Bug
Security researchers published the technical details and a proof-of-concept (PoC) exploit code for CVE-2024-43452 (CVSS 7.5), a Windows The post CVE-2024-43452: PoC Exploit Released for Windows...
View ArticleIvanti Connect Secure Zero-Day Threat: 2,048 Vulnerable Devices and Critical...
On January 8, 2025, Ivanti disclosed an actively exploited zero-day vulnerability, tracked as CVE-2025-0282, affecting its Connect Secure The post Ivanti Connect Secure Zero-Day Threat: 2,048...
View ArticleCracked Software: A Gateway to Malware and Data Theft
Trend Micro’s latest analysis sheds light on the growing menace of fake software installers and cracked applications, which The post Cracked Software: A Gateway to Malware and Data Theft appeared first...
View ArticleCVE-2024-12847 (CVSS 9.8): NETGEAR Router Flaw Exploited in the Wild for...
A severe security vulnerability has been discovered in several Netgear routers, allowing remote attackers to gain unauthorized access The post CVE-2024-12847 (CVSS 9.8): NETGEAR Router Flaw Exploited...
View ArticleGroupGreeting E-Card Platform Compromised in “zqxq” Campaign
The popular e-card platform GroupGreeting.com, used by major companies such as Airbnb, Coca-Cola, and eBay, recently fell victim The post GroupGreeting E-Card Platform Compromised in “zqxq” Campaign...
View ArticleFunkSec: The Rising Ransomware Group Blurring the Lines Between Cybercrime...
A new player in the ransomware scene, FunkSec, has emerged with a mix of audacious claims, low-tech methods, The post FunkSec: The Rising Ransomware Group Blurring the Lines Between Cybercrime and...
View ArticleCVE-2025-22777 (CVSS 9.8): Critical Security Alert for GiveWP Plugin with...
A severe vulnerability has been identified in the GiveWP plugin, one of WordPress’s most widely used tools for The post CVE-2025-22777 (CVSS 9.8): Critical Security Alert for GiveWP Plugin with 100,000...
View ArticleRedCurl APT Group: Cyber Espionage with Living-Off-the-Land Techniques
The RedCurl Advanced Persistent Threat (APT) group, also known as Earth Kapre or Red Wolf, has resurfaced with The post RedCurl APT Group: Cyber Espionage with Living-Off-the-Land Techniques appeared...
View ArticleRedDelta Leverages PlugX Backdoor in State-Sponsored Espionage Campaigns
A recent report by Insikt Group reveals an ongoing, sophisticated cyber-espionage operation by the RedDelta advanced persistent threat The post RedDelta Leverages PlugX Backdoor in State-Sponsored...
View ArticleZACROS Corporation Discloses Personal Information Leak Following Ransomware...
ZACROS Corporation, a leading manufacturer of packaging materials, announced that it has suffered a ransomware attack that has The post ZACROS Corporation Discloses Personal Information Leak Following...
View ArticleCVE-2025-22152 (CVSS 9.4): Severe Vulnerabilities Found in Atheos Web-Based IDE
A security advisory from the Atheos project has disclosed a critical vulnerability (CVE-2025-22152) that could compromise servers running The post CVE-2025-22152 (CVSS 9.4): Severe Vulnerabilities...
View ArticleHexaLocker V2: Ransomware Reborn with Advanced Tactics
On August 9, 2024, the HexaLocker ransomware group unveiled a new variant of their infamous malware on Telegram. The post HexaLocker V2: Ransomware Reborn with Advanced Tactics appeared first on...
View ArticlePhishing Campaigns Exploit YouTube URLs and Microsoft 365 Themes to Steal...
Cybersecurity researchers at Cyderes, led by Ethan Fite, have uncovered a phishing trend exploiting YouTube URLs combined with The post Phishing Campaigns Exploit YouTube URLs and Microsoft 365 Themes...
View ArticleAviatrix Controller RCE CVE-2024-50603 Exploited in the Wild: Cryptojacking...
A critical Remote Code Execution (RCE) vulnerability, CVE-2024-50603, has been identified in Aviatrix Controller, with the maximum CVSS The post Aviatrix Controller RCE CVE-2024-50603 Exploited in the...
View Article