Hackers can exploit logic flaws in Cloudflare's Firewall and DDoS prevention, potentially undermining its protection. This poses a significant threat [...]
Category: News
The North Korean 'Lazarus' hacking group used a fake job opportunity to target a Spanish aerospace company's employees. This was [...]
Malicious ads promoting malware-infested download sites are infiltrating Microsoft's Bing Chat, powered by OpenAI's GPT-4. Introduced to rival Google's search [...]
Researchers from four US universities created 'GPU.zip,' a new GPU side-channel attack exploiting data compression for leaking sensitive visuals. They [...]
Google plans to retire Gmail's Basic HTML view in January 2024, requiring users to switch to modern browsers for continued [...]
The advanced 'Deadglyph' backdoor malware was recently detected in a cyberespionage attack on a Middle Eastern government agency. It's linked [...]
In August 2023, a new threat actor called 'Sandman' was uncovered by SentinelLabs and QGroup GmbH. Sandman targets telecom service [...]
The malware loader 'Bumblebee' is back from a two-month break with a new campaign that exploits 4shared WebDAV services. This [...]
A Proof-of-Concept (PoC) exploit for a Windows Themes vulnerability, known as CVE-2023-38146 or ThemeBleed, has been made public. This vulnerability, [...]
Microsoft is making significant changes to its printer driver strategy over the next four years, which includes blocking third-party printer [...]
Google's Privacy Sandbox is replacing third-party cookies for tracking user interests in Chrome. Upon launching Chrome, users now see an [...]
Apple issued urgent security updates to address two newly discovered zero-day vulnerabilities. These vulnerabilities were exploited in attacks aimed at [...]
An unidentified threat actor is exploiting serious security flaws (CVE-2023-28432 and CVE-2023-28434) in MinIO storage systems, leading to unauthorized code [...]
Microsoft has alerted customers that Windows 11 21H2 systems will undergo automatic updates before the end of their servicing period [...]
Even ransomware gangs can make errors. The Key Group, a ransomware gang, made a cryptographic mistake, allowing security researchers to [...]
Chinese hacker group GREF has planted BadBazaar spyware in modified Signal and Telegram apps on Google Play and Samsung Galaxy [...]
A new Android banking malware, MMRat, employs an uncommon method of communication—protobuf data serialization—to efficiently steal data from compromised devices. [...]
Japan's JPCERT has unveiled a 'MalDoc in PDF' attack (July 2023) that hides harmful Word files within PDFs to avoid [...]
On August 8, 2023, Secureworks® Counter Threat Unit™ (CTU) researchers discovered the Smoke Loader botnet deploying a custom Wi-Fi scanning [...]
Microsoft has pinpointed a new hacking group, Flax Typhoon, focusing on government, education, critical manufacturing, and IT sectors for likely [...]
The CVE-2023-38831 WinRAR zero-day flaw was exploited to install malware through harmless archive files, compromising online cryptocurrency trading accounts. This [...]
In a fresh HiatusRAT malware drive, cyber attackers have focused on a U.S. Department of Defense server in a reconnaissance [...]
An Amazon ad on Google search leads to a Microsoft Defender scam that traps users in their browser. BleepingComputer reported [...]
The China-linked APT group named 'Bronze Starlight' targeted the Southeast Asian gambling industry with malware using a legitimate certificate from [...]
A critical WinRAR vulnerability (CVE-2023-40477) has been patched. This flaw allows attackers to execute commands on a system by simply [...]
AquaSec, a security research team, recently released a report outlining significant security vulnerabilities within Microsoft's PowerShell Gallery (PSGallery), a repository [...]
The creators of Raccoon Stealer malware, known for stealing information, have resurfaced after a 6-month break on hacker forums. They're [...]
The custom invite service, Discord.io, temporarily closed due to a breach exposing data of 760,000 members. While not an official [...]
The Rhysida ransomware group gained attention through healthcare attacks, prompting government agencies and cybersecurity firms to take notice. US HHS [...]
'BitForge' zero-day vulnerabilities in widespread cryptographic protocols (GG-18, GG-20, Lindell 17) impacted major crypto wallets like Coinbase, ZenGo, Binance. Attackers [...]
Researchers from the Technical University of Berlin have developed a method to jailbreak Tesla's infotainment systems in recent car models. [...]
In June 2023, Microsoft introduced the Azure Active Directory Cross-Tenant Synchronization (CTS) feature, allowing administrators to synchronize users and groups [...]
Soon, the list of LOLBAS files, which comprises legitimate binaries and scripts in Windows that can be exploited for malicious [...]
A new strain of malware, believed to be orchestrated by Chinese state-sponsored hackers, has emerged, targeting industrial organizations. This sophisticated [...]
CISA has reported the use of new malware named Submarine to backdoor Barracuda ESG appliances on federal agencies' networks. The [...]
Microsoft has addressed a known problem that was causing video recording and playback failures in certain apps on both Windows [...]
More than 900,000 MikroTik RouterOS routers face a critical risk from a 'Super Admin' privilege elevation flaw (CVE-2023-30799). This vulnerability [...]
North Korea's Lazarus hacking group is hacking into Windows Internet Information Service (IIS) web servers to distribute malware. IIS is [...]
Storm-0558 Chinese hackers gained access to the Microsoft consumer signing key, which had broader implications than initially acknowledged. Redmond confirmed [...]
Microsoft is expanding free access to additional cloud logging data worldwide to aid in detecting breached networks and accounts. This [...]