Author: Mash

Microsoft has offered a solution for users experiencing blocked security updates on certain Windows 11 24H2 systems. The issue occurs [...]

Cisco has released fixes for two critical vulnerabilities (CVE-2025-20124 and CVE-2025-20125) in its Identity Services Engine (ISE) platform, a widely [...]

AMD has released firmware and microcode updates to mitigate a high-severity flaw (CVE-2024-56161) that could enable attackers with local admin [...]

A Chinese cyber-espionage group, Evasive Panda (also known as DaggerFly), has been using a newly discovered SSH backdoor, "ELF/Sshdinjector.A!tr," to [...]

As part of its November security updates, Google patched two Android zero-day vulnerabilities, CVE-2024-43047 and CVE-2024-43093, both actively exploited in [...]

PyPI has launched a new 'Project Archival' system, enabling developers to mark projects as archived, signaling users that no future [...]

Google's Threat Intelligence Group (GTIG) has identified government-backed APT groups from over 20 countries, including Iran, China, North Korea, and [...]

Microsoft has improved text contrast for all Chromium-based browsers on Windows, including Google Chrome and Edge, by integrating enhanced gamma [...]

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning about Contec CMS8000 patient monitors, which secretly send [...]

Akamai researchers have identified Aquabotv3, a new variant of the Mirai-based botnet malware, exploiting the CVE-2024-41710 vulnerability in Mitel SIP [...]

Microsoft is testing a new scareware blocker in its Edge browser, designed to protect Windows PC users from tech support [...]

Chinese AI platform DeepSeek has paused new registrations for its DeepSeek-V3 chat service following a major cyberattack. The platform recently [...]

Hackers have set up nearly 1,000 fake web pages impersonating Reddit and WeTransfer to distribute Lumma Stealer malware. The scam [...]

Google has launched a Chrome Web Store tailored for enterprises, enabling organizations to create a curated list of trusted extensions [...]

Two severe vulnerabilities in the RealHome theme and Easy Real Estate plugin for WordPress could allow attackers to gain administrator [...]

A high-severity vulnerability in 7-Zip (CVE-2025-0411) allowed attackers to bypass Windows' Mark of the Web (MotW) security mechanism, enabling the [...]

Hewlett Packard Enterprise (HPE) is probing allegations by threat actor IntelBroker, who claims to have accessed the company’s developer environments [...]

A malicious package named 'pycord-self' on PyPi has been discovered, designed to steal Discord authentication tokens and establish a backdoor [...]

A new vulnerability, CVE-2024-7344, has been discovered in UEFI Secure Boot, affecting Microsoft-signed applications in third-party system recovery tools. The [...]

A fraudulent proof-of-concept (PoC) exploit for the LDAPNightmare vulnerability (CVE-2024-49113) has been circulating on GitHub, secretly deploying infostealer malware that [...]

Docker Desktop is failing to start on macOS due to false malware alerts stemming from files signed with an incorrect [...]

Cybercriminals are exploiting CVE-2024-52875, a critical CRLF injection flaw in GFI KerioControl firewalls, to execute remote code and steal sensitive [...]

At least five Chrome extensions were compromised in a planned cyberattack, where threat actors injected code to steal sensitive user [...]

Microsoft has acknowledged an issue affecting Windows 11 24H2 installations, where newer cumulative updates fail if the OS was installed [...]

A new Mirai-based botnet is actively targeting vulnerabilities in DigiEver DS-2105 Pro NVRs and outdated TP-Link routers, exploiting a previously [...]

Two WordPress plugins required for the popular WPLMS learning management system (LMS) theme, used by educational and corporate organizations, were [...]

The phishing-as-a-service (PhaaS) platform "FlowerStorm" has gained traction after the Rockstar2FA service suffered a partial collapse in November 2024. Rockstar2FA [...]

A wave of malicious Visual Studio Code (VSCode) extensions has been discovered targeting developers and cryptocurrency users, aiming to execute [...]

A large-scale malvertising campaign, dubbed DeceptionAds, has been distributing the Lumma Stealer malware by tricking users into running malicious PowerShell [...]

The Chinese state-sponsored hacking group Winnti (APT41) has developed a new PHP backdoor, Glutton, to attack organizations in China and [...]

The newly discovered Pumakit Linux rootkit uses advanced stealth techniques and privilege escalation to compromise systems while avoiding detection. Identified [...]

Researchers at Lookout have uncovered a previously unknown Android spyware, dubbed EagleMsgSpy, reportedly used by Chinese law enforcement to monitor [...]

A high-severity vulnerability in the WPForms plugin, used by over 6 million WordPress sites, allows subscriber-level users to issue unauthorized [...]

Windows 11’s File Explorer introduces several updates in Build 22635.4580 (KB5046733), now in beta testing, including the ability to restore [...]

The popular Ultralytics YOLO11 AI model was compromised in a supply chain attack, infecting users with a cryptominer through versions [...]

A newly identified Android malware called DroidBot has been stealing credentials from over 77 cryptocurrency exchanges and banking apps in [...]

South Korean authorities have arrested a CEO and five employees for producing over 240,000 satellite receivers equipped with DDoS attack [...]

McAfee has uncovered 15 malicious SpyLoan Android apps on Google Play that have been downloaded over 8 million times, primarily [...]

Zabbix, a leading provider of open-source network and application monitoring tools, has disclosed a critical SQL injection vulnerability (CVE-2024-42327) that [...]

ESET researchers have identified Bootkitty, the first UEFI bootkit specifically designed to target Linux systems, signaling an evolution in bootkit [...]