Author: Mash

AnyDesk has officially confirmed that it fell victim to a recent cyberattack, resulting in unauthorized access to the company's production [...]

A financially motivated threat actor, utilizing USB devices for initial infection, is exploiting legitimate online platforms such as GitHub, Vimeo, [...]

The elusive threat actor 'Blackwood' is employing the advanced NSPX30 malware in cyberespionage campaigns targeting entities in China, Japan, and [...]

A recently revealed ransomware operation called 'Kasseika' has adopted Bring Your Own Vulnerable Driver (BYOVD) tactics to bypass antivirus software [...]

Apple has released security updates to address the first zero-day vulnerability of the year, impacting iPhones, Macs, and Apple TVs. [...]

A widespread Facebook phishing scheme, featuring messages like "I can't believe he is gone. I'm gonna miss him so much," [...]

Microsoft disclosed that some of its corporate email accounts were breached and data stolen by a Russian state-sponsored hacking group [...]

Security experts have identified that compromised Apple mobile devices may harbor prominent spyware like Pegasus, Reign, and Predator. A thorough [...]

GitLab released critical security updates for both its Community and Enterprise Edition, addressing a severe authentication flaw (CVE-2023-7028) that allows [...]

Security researchers have uncovered a novel variant of DLL search order hijacking, posing a threat to Microsoft Windows 10 and [...]

Three fake Chrome VPN extensions, disguised as legitimate tools, were downloaded 1.5 million times. These malicious extensions, discovered by ReasonLabs, [...]

Microsoft has identified APT33, an Iranian cyber-espionage group also known as Peach Sandstorm, HOLMIUM, or Refined Kitten, employing the recently [...]

One critical and three other vulnerabilities were found in the widely utilized Perforce Helix Core Server, a source code management [...]

Security researchers have introduced a new attack named AutoSpill to pilfer Android account credentials during autofill operations. Tests by the [...]

Academic researchers unveiled SLAM, a novel side-channel attack exploiting security-enhancing hardware features in upcoming Intel, AMD, and Arm CPUs. SLAM, [...]

Over 12 million downloads of SpyLoan, a set of deceptive loan apps, have occurred on Google Play this year. The [...]

The latest P2Pinfect botnet variants are targeting devices with 32-bit MIPS processors, commonly found in routers and IoT devices. Discovered [...]

LogoFAIL is a set of security vulnerabilities impacting image-parsing components within UEFI code across different vendors. These vulnerabilities pose a [...]

Google released security updates for Chrome, addressing seven issues, including a high-severity zero-day vulnerability (CVE-2023-6345) in the Skia 2D graphics [...]

Recent reports indicate that Google Drive users are experiencing the sudden disappearance of their most recent files stored in the [...]

A newly identified Mirai-based malware botnet named 'InfectedSlurs' is leveraging two zero-day remote code execution (RCE) vulnerabilities to infect routers [...]

The Lumma information-stealer malware, also known as 'LummaC2,' is now promoting a new feature that supposedly enables cybercriminals to revive [...]

The Kinsing malware operator is currently taking advantage of the critical CVE-2023-46604 vulnerability in the Apache ActiveMQ open-source message broker [...]

Another Russian state-sponsored hacking group, APT29, also known as UNC3524, NobleBaron, Dark Halo, NOBELIUM, Cozy Bear, CozyDuke, and SolarStorm, is [...]

Microsoft has made Windows 11 Moment 4 mandatory through the latest update (KB5032190) on Patch Tuesday. This update introduces features [...]

The WP Fastest Cache WordPress plugin, utilized by over a million sites to enhance page speed and user experience, is [...]

Malicious actors exploit Ethereum's 'Create2' function to evade wallet security alerts and compromise cryptocurrency addresses, resulting in a theft of [...]

A zero-day vulnerability in SysAid's service management software is being exploited by threat actors, identified as Lace Tempest (a.k.a. Fin11 [...]

The GootLoader malware has evolved with a new variant called GootBot, designed to enable lateral movement on compromised systems and [...]

The North Korean-backed group BlueNorOff, known for targeting cryptocurrency exchanges and financial institutions, is using new macOS malware called ObjCShellz [...]

Apple's "Find My" network, initially designed to help users locate lost Apple devices, can be exploited by malicious actors to [...]

Four zero-day vulnerabilities in Microsoft Exchange have been revealed, allowing remote attackers to execute arbitrary code and access sensitive data. [...]

A recently identified malware called 'KandyKorn' for macOS has emerged in a cyber campaign associated with the North Korean hacking [...]

Mozi, a prominent DDoS malware botnet that surfaced in 2019, predominantly attacking IoT devices, lost activity in August. Then, on [...]

Czech cybersecurity company, Avast, confirmed its antivirus SDK wrongly flagged a Google Android app as malware on Huawei, Vivo, and [...]

On October 25th, hackers stole $4.4 million in cryptocurrency using compromised LastPass databases to obtain private keys and passphrases. This [...]

Microsoft provided a fix for a known Microsoft 365 issue causing 'Something Went Wrong [1001]' sign-in errors and rendering desktop [...]

Pwn2Own Toronto 2023 ended with researchers earning $1,038,500 for 58 zero-day exploits targeting various consumer products from October 24 to [...]

StripedFly, a highly sophisticated cross-platform malware, went unnoticed by cybersecurity experts for five years, infecting over a million Windows and [...]

The Matrix open standard and real-time communication protocol team has launched version 2 with group VoIP encryption, faster loading times, [...]