The overseer behind the HelloKitty ransomware endeavor has declared a rebranding, now known as 'HelloGookie.' They've also disclosed passwords for [...]
Category: News
A recently identified Android banking malware dubbed 'SoumniBot' has adopted a unique obfuscation tactic, capitalizing on vulnerabilities within the Android [...]
A collaborative effort between the Australian Federal Police (AFP) and the FBI has resulted in the apprehension and prosecution of [...]
During April's Patch Tuesday, Microsoft addressed two zero-day vulnerabilities that were actively exploited, initially overlooked by the company. The first [...]
Introducing 'Darcula', a novel phishing-as-a-service (PhaaS) platform utilizing a network of 20,000 domains to mimic reputable brands and pilfer user [...]
A widespread StrelaStealer malware campaign has affected organizations in the United States and Europe, aiming to pilfer email credentials. Initially [...]
Today, researchers revealed vulnerabilities affecting 3 million Saflok RFID locks worldwide, enabling easy door unlocking with forged keycards. Discovered by [...]
Three cybersecurity researchers uncovered nearly 19 million plaintext passwords exposed on the public internet due to misconfigured Firebase instances, a [...]
The ransomware group 'ShadowSyndicate' targeted servers vulnerable to CVE-2024-23334, a directory traversal flaw in the aiohttp Python library. Aiohttp, crucial [...]
DarkGate malware exploits a recently patched Windows Defender SmartScreen vulnerability to install fake software, bypassing security checks. The flaw, CVE-2024-21412, [...]
The cumulative update KB5035849, launched on today's Patch Tuesday, encounters installation issues on Windows 10 and Windows Server setups, reporting [...]
Hackers are exploiting a vulnerability in outdated versions of the Popup Builder plugin on WordPress sites, infecting over 3,300 websites [...]
Hackers are launching large-scale attacks on WordPress sites, injecting scripts to force visitors' browsers to brute-force passwords on other platforms. [...]
TA577, a hacking group, has shifted tactics to using phishing emails for NTLM authentication hash theft, enabling account hijacks. Formerly [...]
In February, Microsoft addressed a critical Windows Kernel privilege escalation vulnerability, CVE-2024-21338, six months after it was reported as actively [...]
Numerous reports from Anycubic customers online suggest that their 3D printers have been hacked, highlighting a vulnerability. The perpetrator uploaded [...]
14-year-old discontinued CMS editor exploited by threat actors to compromise education and government entities worldwide, poisoning search results with malicious [...]
The FTC has mandated Avast to pay $16.5 million and discontinue the sale or licensing of users' web browsing data [...]
Security researchers have uncovered a fresh campaign targeting Redis servers on Linux, employing a malware named 'Migo' for cryptocurrency mining. [...]
Microsoft has reportedly fixed Windows Metadata connection issues that persistently trouble users, hindering printer and hardware management. When new hardware [...]
SolarWinds patched five RCE vulnerabilities in Access Rights Manager (ARM), including three critical flaws. These issues, like path traversal weaknesses [...]
Microsoft has cautioned about a critical flaw in Exchange Server, CVE-2024-21410, exploited before this month's Patch Tuesday. This vulnerability enables [...]
CISA warns of an actively exploited vulnerability (CVE-2023-43770) in Roundcube email servers, allowing attackers to access restricted information via malicious [...]
A freshly discovered macOS malware, built on Rust, is circulating disguised as a Visual Studio update. Its purpose is to [...]
A Chinese cyber-espionage group infiltrated the Dutch Ministry of Defence last year, planting malware on devices, as per the Dutch [...]
Google is currently testing the removal of third-party cookies on Chrome, impacting around 1% of users, equivalent to roughly 30 [...]
AnyDesk has officially confirmed that it fell victim to a recent cyberattack, resulting in unauthorized access to the company's production [...]
A financially motivated threat actor, utilizing USB devices for initial infection, is exploiting legitimate online platforms such as GitHub, Vimeo, [...]
The elusive threat actor 'Blackwood' is employing the advanced NSPX30 malware in cyberespionage campaigns targeting entities in China, Japan, and [...]
A recently revealed ransomware operation called 'Kasseika' has adopted Bring Your Own Vulnerable Driver (BYOVD) tactics to bypass antivirus software [...]
Apple has released security updates to address the first zero-day vulnerability of the year, impacting iPhones, Macs, and Apple TVs. [...]
A widespread Facebook phishing scheme, featuring messages like "I can't believe he is gone. I'm gonna miss him so much," [...]
Microsoft disclosed that some of its corporate email accounts were breached and data stolen by a Russian state-sponsored hacking group [...]
Security experts have identified that compromised Apple mobile devices may harbor prominent spyware like Pegasus, Reign, and Predator. A thorough [...]
GitLab released critical security updates for both its Community and Enterprise Edition, addressing a severe authentication flaw (CVE-2023-7028) that allows [...]
Security researchers have uncovered a novel variant of DLL search order hijacking, posing a threat to Microsoft Windows 10 and [...]
Three fake Chrome VPN extensions, disguised as legitimate tools, were downloaded 1.5 million times. These malicious extensions, discovered by ReasonLabs, [...]
Microsoft has identified APT33, an Iranian cyber-espionage group also known as Peach Sandstorm, HOLMIUM, or Refined Kitten, employing the recently [...]
One critical and three other vulnerabilities were found in the widely utilized Perforce Helix Core Server, a source code management [...]
Security researchers have introduced a new attack named AutoSpill to pilfer Android account credentials during autofill operations. Tests by the [...]