Author: Mash

A wave of malicious Visual Studio Code (VSCode) extensions has been discovered targeting developers and cryptocurrency users, aiming to execute [...]

A large-scale malvertising campaign, dubbed DeceptionAds, has been distributing the Lumma Stealer malware by tricking users into running malicious PowerShell [...]

The Chinese state-sponsored hacking group Winnti (APT41) has developed a new PHP backdoor, Glutton, to attack organizations in China and [...]

The newly discovered Pumakit Linux rootkit uses advanced stealth techniques and privilege escalation to compromise systems while avoiding detection. Identified [...]

Researchers at Lookout have uncovered a previously unknown Android spyware, dubbed EagleMsgSpy, reportedly used by Chinese law enforcement to monitor [...]

A high-severity vulnerability in the WPForms plugin, used by over 6 million WordPress sites, allows subscriber-level users to issue unauthorized [...]

Windows 11’s File Explorer introduces several updates in Build 22635.4580 (KB5046733), now in beta testing, including the ability to restore [...]

The popular Ultralytics YOLO11 AI model was compromised in a supply chain attack, infecting users with a cryptominer through versions [...]

A newly identified Android malware called DroidBot has been stealing credentials from over 77 cryptocurrency exchanges and banking apps in [...]

South Korean authorities have arrested a CEO and five employees for producing over 240,000 satellite receivers equipped with DDoS attack [...]

McAfee has uncovered 15 malicious SpyLoan Android apps on Google Play that have been downloaded over 8 million times, primarily [...]

Zabbix, a leading provider of open-source network and application monitoring tools, has disclosed a critical SQL injection vulnerability (CVE-2024-42327) that [...]

ESET researchers have identified Bootkitty, the first UEFI bootkit specifically designed to target Linux systems, signaling an evolution in bootkit [...]

Researchers from AmberWolf have identified vulnerabilities, collectively named "NachoVPN," in SonicWall and Palo Alto SSL-VPN clients. These flaws allow attacker-controlled [...]

A ransomware attack on supply chain management firm Blue Yonder has caused widespread service outages, affecting major grocery store chains [...]

Microsoft is enhancing File Explorer in Windows 11 with new features aimed at improving user experience. In Windows 11 Build [...]

Microsoft has paused the rollout of the Windows 11 24H2 update for systems with Ubisoft titles like Assassin's Creed, Star [...]

Microsoft has officially rolled out its AI-powered Recall feature to Windows Insiders using Snapdragon-based Copilot+ PCs in the Dev Channel, [...]

Microsoft has acknowledged a problem affecting Windows 10 users since November 12, where packaged applications like Microsoft Teams cannot be [...]

Five local privilege escalation (LPE) vulnerabilities, present in Ubuntu’s needrestart utility since 2014, were discovered by Qualys and recently patched [...]

Apple has issued emergency updates to address two actively exploited zero-day vulnerabilities affecting Intel-based Mac systems. The flaws, CVE-2024-44308 and [...]

Google is reportedly preparing to launch a "Shielded Email" feature that lets users create disposable email aliases for signing up [...]

Cybercriminals are increasingly leveraging Scalable Vector Graphics (SVG) files in phishing emails to display fake login forms or deliver malware [...]

A severe authentication bypass vulnerability, CVE-2024-10924, has been found in the WordPress plugin "Really Simple Security" (formerly "Really Simple SSL"). [...]

A zero-day vulnerability in outdated GeoVision devices is being exploited by a malware botnet, potentially for DDoS or cryptomining purposes. [...]

The newly identified Glove Stealer malware has found a way to bypass Google Chrome's App-Bound encryption, enabling it to steal [...]

Hackers are employing a new method to hide malicious code in macOS extended file attributes, facilitating the delivery of a [...]

China's Volt Typhoon crew has resurfaced, using compromised legacy Cisco routers to infiltrate critical infrastructure, security experts report. This resurgence [...]

A new ransomware strain called 'Ymir' has emerged, encrypting systems already compromised by the RustyStealer malware. RustyStealer, known since 2021 [...]

Microsoft has confirmed that some Windows Server 2019 and 2022 systems were unexpectedly upgraded to Windows Server 2025 due to [...]

Microsoft has acknowledged that Windows 11 updates from October have disrupted SSH connections on certain 22H2 and 23H2 systems. The [...]

Cybercriminals have devised a scheme involving a crypto-themed tank game to gain full access to players' computers. Modern tank games [...]

A new variant of SpyNote malware is mimicking Avast Mobile Security to exploit the brand's credibility, according to CYFIRMA. This [...]

The UK's National Cyber Security Centre (NCSC) released an analysis on "Pygmy Goat," a sophisticated Linux malware crafted to breach [...]

Researchers have demonstrated that OpenAI's ChatGPT-4o, with its real-time voice API, could be exploited for autonomous scams, achieving success in [...]

Microsoft has warned that Azure Virtual Desktop (AVD) users may experience up to 30 minutes of black screens when logging [...]

Hackers are exploiting two zero-day vulnerabilities, CVE-2024-8956 and CVE-2024-8957, in PTZOptics pan-tilt-zoom cameras used widely in industries like healthcare, government, [...]

North Korea's state-sponsored hacking group, Andariel, has been linked to the Play ransomware, potentially acting as an affiliate or initial [...]

A zero-day vulnerability in Windows Themes enables attackers to steal NTLM credentials, exposing users to credential theft risks. Acros Security’s [...]