Author: Mash

A new remote code execution (RCE) vulnerability in PHP for Windows has been disclosed, affecting all versions since 5.x and [...]

A new ransomware operation named 'Fog' emerged in early May 2024, targeting the networks of educational organizations in the U.S. [...]

Hugging Face reported a breach in its Spaces platform, exposing authentication secrets of its members. The company has revoked compromised [...]

LightSpy, previously known for targeting Android and iOS devices, has now been found on macOS. This surveillance framework steals data [...]

Cybercriminals are exploiting Stack Overflow to spread malware by answering questions with a link to a malicious PyPi package that [...]

The TP-Link Archer C5400X gaming router has security vulnerabilities that could allow an unauthenticated, remote attacker to execute commands on [...]

Security researchers have reverse-engineered Apple's iOS 17.5.1 update, discovering that a recent bug causing deleted images to reappear was due [...]

May 20 will mark the launch of next-gen Windows on ARM PCs powered by Qualcomm's latest Snapdragon X Series processors. [...]

The new malware 'Cuttlefish' infects enterprise and SOHO routers, stealing data and authentication info. Black Lotus Labs found it creates [...]

A recent surge in cyber operations, dubbed "Muddling Meerkat," is suspected to be orchestrated by a Chinese state-sponsored threat actor. [...]

Google Chrome 124's release last week introduced a quantum-resistant X25519Kyber768 encapsulation, causing connectivity issues for some users. Google has rolled [...]

"Dev Popper" campaign lures developers with fake job interviews to install Python RAT. Tasks mimic interview process, prompting downloads from [...]

Cisco warned today of a state-backed hacking group exploiting two zero-day vulnerabilities in ASA and FTD firewalls since November 2023, [...]

Since 2012, malicious actors have been crafting a slew of malware and ransomware disguising themselves as government agencies. They deceive [...]

The overseer behind the HelloKitty ransomware endeavor has declared a rebranding, now known as 'HelloGookie.' They've also disclosed passwords for [...]

A recently identified Android banking malware dubbed 'SoumniBot' has adopted a unique obfuscation tactic, capitalizing on vulnerabilities within the Android [...]

A collaborative effort between the Australian Federal Police (AFP) and the FBI has resulted in the apprehension and prosecution of [...]

During April's Patch Tuesday, Microsoft addressed two zero-day vulnerabilities that were actively exploited, initially overlooked by the company. The first [...]

Introducing 'Darcula', a novel phishing-as-a-service (PhaaS) platform utilizing a network of 20,000 domains to mimic reputable brands and pilfer user [...]

A widespread StrelaStealer malware campaign has affected organizations in the United States and Europe, aiming to pilfer email credentials. Initially [...]

Today, researchers revealed vulnerabilities affecting 3 million Saflok RFID locks worldwide, enabling easy door unlocking with forged keycards. Discovered by [...]

Three cybersecurity researchers uncovered nearly 19 million plaintext passwords exposed on the public internet due to misconfigured Firebase instances, a [...]

The ransomware group 'ShadowSyndicate' targeted servers vulnerable to CVE-2024-23334, a directory traversal flaw in the aiohttp Python library. Aiohttp, crucial [...]

DarkGate malware exploits a recently patched Windows Defender SmartScreen vulnerability to install fake software, bypassing security checks. The flaw, CVE-2024-21412, [...]

The cumulative update KB5035849, launched on today's Patch Tuesday, encounters installation issues on Windows 10 and Windows Server setups, reporting [...]

Hackers are exploiting a vulnerability in outdated versions of the Popup Builder plugin on WordPress sites, infecting over 3,300 websites [...]

Hackers are launching large-scale attacks on WordPress sites, injecting scripts to force visitors' browsers to brute-force passwords on other platforms. [...]

TA577, a hacking group, has shifted tactics to using phishing emails for NTLM authentication hash theft, enabling account hijacks. Formerly [...]

In February, Microsoft addressed a critical Windows Kernel privilege escalation vulnerability, CVE-2024-21338, six months after it was reported as actively [...]

Numerous reports from Anycubic customers online suggest that their 3D printers have been hacked, highlighting a vulnerability. The perpetrator uploaded [...]

14-year-old discontinued CMS editor exploited by threat actors to compromise education and government entities worldwide, poisoning search results with malicious [...]

The FTC has mandated Avast to pay $16.5 million and discontinue the sale or licensing of users' web browsing data [...]

Security researchers have uncovered a fresh campaign targeting Redis servers on Linux, employing a malware named 'Migo' for cryptocurrency mining. [...]

Microsoft has reportedly fixed Windows Metadata connection issues that persistently trouble users, hindering printer and hardware management. When new hardware [...]

SolarWinds patched five RCE vulnerabilities in Access Rights Manager (ARM), including three critical flaws. These issues, like path traversal weaknesses [...]

Microsoft has cautioned about a critical flaw in Exchange Server, CVE-2024-21410, exploited before this month's Patch Tuesday. This vulnerability enables [...]

CISA warns of an actively exploited vulnerability (CVE-2023-43770) in Roundcube email servers, allowing attackers to access restricted information via malicious [...]

A freshly discovered macOS malware, built on Rust, is circulating disguised as a Visual Studio update. Its purpose is to [...]

A Chinese cyber-espionage group infiltrated the Dutch Ministry of Defence last year, planting malware on devices, as per the Dutch [...]

Google is currently testing the removal of third-party cookies on Chrome, impacting around 1% of users, equivalent to roughly 30 [...]