News
Crypto Hacker Admits Guilt in $37 Million Cryptocurrency Theft
Evan Frederick Light, a 21-year-old from Lebanon, Indiana, has pleaded guilty to charges of conspiracy to commit wire fraud and money laundering. U.S. Attorney Alison
Chinese Threat Group Breaches Networks of Major US Telecom Companies
U.S. officials have revealed that a Chinese hacking group, identified as “Salt Typhoon,” has successfully infiltrated the networks of at least three major U.S. telecommunications
CosmicSting Vulnerability Exploited by Hackers to Breach Over 1,000 Adobe Commerce and Magento Stores
Adobe Commerce (formerly Magento) is a powerful e-commerce platform owned by Adobe, offering scalable solutions for both B2B and B2C businesses. It provides features like
Fake PyPI Packages Imitate Legitimate Tools to Target Cryptocurrency Wallets
Threat actors are increasingly targeting the Python Package Index (PyPI) due to its large user base and the ease of distributing malicious code in the
LEGO’s Website Compromised to Promote Cryptocurrency Scam
Cryptocurrency scammers briefly infiltrated the LEGO website, tricking visitors into purchasing a fraudulent “LEGO Coin” cryptocurrency. The breach, which occurred on October 4, 2024, involved
Apple Issues Urgent iOS and iPadOS Updates to Address VoiceOver Password Security Flaw
Apple has rolled out updates for iOS and iPadOS to address two security vulnerabilities, including one that could have enabled VoiceOver assistive technology to read
CISA Alerts on Ongoing Exploitation of Zimbra and Ivanti Endpoint Manager Vulnerabilities
The Cybersecurity and Infrastructure Security Agency (CISA) has released a critical warning about the active exploitation of severe vulnerabilities in Synacor’s Zimbra Collaboration platform and
Hackers Exploit Visual Studio Code as a Remote Access Tool
Microsoft’s Visual Studio, a robust integrated development environment (IDE), is widely used for developing applications on the .NET framework, supporting languages such as C#, VB.NET,
Cloudflare Mitigates Record-Breaking 3.8 Tbps DDoS Attack Targeting Multiple Global Industries
Cloudflare has revealed it successfully mitigated a massive distributed denial-of-service (DDoS) attack that reached a peak of 3.8 terabits per second (Tbps) and lasted for
Security Flaw in WordPress LiteSpeed Cache Plugin Exposes Websites to XSS Vulnerabilities
A newly disclosed high-severity security vulnerability has been identified in the LiteSpeed Cache plugin for WordPress, which could allow attackers to execute arbitrary JavaScript code
North Korean Hackers Deploy New VeilShell Backdoor in Covert Cyber Attacks
North Korean-linked threat actors have been spotted deploying a previously unknown backdoor and remote access trojan (RAT) called VeilShell in a cyber campaign primarily targeting
The Overlooked Vulnerability: Non-Human Identities Posing Risks to Executives
For years, securing a company’s systems meant safeguarding the “perimeter,” dividing the safe internal environment from the risky external world. Strong firewalls and advanced detection
New Perfctl Malware Targets Linux Servers for Cryptocurrency Mining and Proxyjacking Attacks
Linux servers are currently being targeted in an ongoing attack campaign deploying a stealthy malware called perfctl, designed to facilitate cryptocurrency mining and proxyjacking activities.
Hacking Kia: Remotely Controlling Cars With Just a License Plate – A Shocking Vulnerability Exposed
In a shocking revelation, cybersecurity researchers have uncovered a significant vulnerability affecting certain Kia vehicles that allows hackers to remotely control a car using nothing
Remote Exploits Possible Due to Vulnerabilities in Cisco Small Business Routers
Cisco has recently published a security advisory revealing multiple vulnerabilities in its Small Business RV340, RV340W, RV345, and RV345P Dual WAN Gigabit VPN Routers, alongside
Cisco Nexus Vulnerability Exposes Systems to Command Injection Attacks
Cisco has released a security advisory about a critical flaw in its Nexus Dashboard Fabric Controller (NDFC), which could allow a remote, authenticated attacker with
CISA Urges Agencies to Patch Actively Exploited Ivanti Endpoint Manager Vulnerability
CISA has added a critical vulnerability in Ivanti’s Endpoint Manager (EPM) to its Known Exploited Vulnerabilities (KEV) catalog following reports of active exploitation. The flaw,
INTERPOL Cracks Down on Phishing and Romance Scams in West Africa, Arresting 8
INTERPOL has arrested eight individuals in Côte d’Ivoire and Nigeria in a major operation targeting phishing scams and romance fraud in West Africa. Known as
Fake Crypto Wallet Recovery Tools on PyPI Repository Found Stealing User Data
A new wave of malicious packages has been uncovered in the Python Package Index (PyPI) repository, posing as cryptocurrency wallet recovery and management tools, but
New Bluetooth Vulnerability Exposes Passcodes to Hackers During Pairing Process
A newly discovered Bluetooth vulnerability, CVE-2020-26558, presents a major security threat to devices using various Bluetooth Core Specifications. The issue, termed “Impersonation in the Passkey
GorillaBot Dominates DDoS Attacks with Over 300,000 Commands
A Distributed Denial of Service (DDoS) attack seeks to disrupt the normal operations of a targeted server, service, or network by overwhelming it with excessive
New research highlights that Windows Event Logs are crucial for detecting ransomware attacks.
Recent investigations by cybersecurity experts have yielded valuable insights into the detection of human-operated ransomware attacks using Windows Event Logs. This advancement has the potential
Iranian Hackers Indicted for Interfering in Trump’s Election Campaign
The U.S. Department of Justice has announced an indictment against three Iranian nationals affiliated with the Islamic Revolutionary Guard Corps (IRGC) for their suspected roles
IDA 9.0 Launched: Major Updates Unveiled for Popular Reverse Engineering Tool
Hex-Rays has officially released IDA 9.0, introducing notable licensing changes and enhanced features aimed at improving user experience and functionality across various platforms. The latest
Google’s Gemini Workspace Exposed to Prompt Injection Attack Vulnerabilities
A recent investigation has exposed vulnerabilities in Google’s Gemini for Workspace, revealing that the AI assistant is prone to indirect prompt injection attacks. These security
NIST Proposes Updated Guidelines for Enhanced Password Security
The National Institute of Standards and Technology (NIST) has unveiled updated guidelines for password security, signaling a major departure from conventional practices. These recommendations, detailed
Hackers Compromise OpenAI Newsroom X Account to Launch Crypto Scam
Hackers gained access to OpenAI’s official press account on X, a platform utilized for product and policy updates. They issued a fraudulent announcement regarding a
Microsoft Audio Bus Flaw Allows Remote Code Execution for Attackers
Cisco Talos’ Vulnerability Research team has identified two critical vulnerabilities in Microsoft products, which the company has addressed during the recent Patch Tuesdays. These vulnerabilities
Meta Fined $101 Million for Storing Passwords in Plain Text
Meta has been hit with a €91 million ($101 million) fine by the Irish Data Protection Commission (DPC) for storing millions of user passwords in
HPE Aruba Networking Access Points Exposed to Remote Code Execution Vulnerabilities
HPE Aruba Networking has released a critical security advisory highlighting several vulnerabilities in their Access Points using Instant AOS-8 and AOS-10 software. These flaws, tracked
Hackers Exploit HTML Smuggling to Deploy Advanced Phishing Page
HTML smuggling is an advanced method employed by cybercriminals to distribute malware by incorporating harmful JavaScript into seemingly innocuous HTML files. This technique leverages HTML5
Storm-0501 Ransomware Group Targeting Hybrid Cloud Environments
Ransomware groups are structured cybercriminal organizations that use malicious software to encrypt victims’ data and demand ransom payments in exchange for decryption keys. The proliferation
LummaC2 Stealer Exploits Custom Control Flow Indirection for Malicious Execution
LummaC2 Stealer is an advanced malware designed to steal sensitive information, primarily targeting cryptocurrency wallets and two-factor authentication (2FA) extensions in multiple web browsers. Initially
Severe WhatsUp Gold Vulnerabilities Allow Attackers to Gain Unauthorized Network Access
WhatsUp Gold, a popular network monitoring tool, has uncovered six critical vulnerabilities that could enable attackers to gain unauthorized access to networks. Users running versions
VLC Player Flaw Allows Code Execution by Attackers—Update Immediately
A serious vulnerability in VLC media player has been discovered, enabling attackers to execute harmful code on users’ devices. Highlighted in the Security Bulletin for
Severe Vulnerability in NVIDIA Container Toolkit Could Allow Attackers Full Host Access
A serious security vulnerability has been identified in the NVIDIA Container Toolkit that could enable attackers to escape from a container and gain full access
Critical Unauthenticated RCE Vulnerability Discovered in All Linux Systems
A critical remote code execution (RCE) vulnerability has been discovered in the Common Unix Printing System (CUPS), impacting all GNU/Linux systems. Uncovered by Simone Margaritelli,
Cloudflare Alerts on India-Linked Hackers Targeting Organizations in South and East Asia
A sophisticated threat actor linked to India has been observed leveraging multiple cloud services to carry out credential theft, malware distribution, and command-and-control (C2) operations.
Critical Vulnerability in Citrix XenServer and Hypervisor Allows Malicious Admin to Crash Host System
Citrix has released a security advisory detailing vulnerabilities in XenServer and Citrix Hypervisor that could allow a malicious guest VM administrator to crash or disable
Chinese Hackers Breach U.S. Internet Providers in Ongoing Cyber Espionage Campaign
State-sponsored hackers backed by Beijing have breached multiple U.S. internet service providers (ISPs) in a cyber espionage campaign aimed at extracting sensitive information, according to
MoneyGram Confirms Cyberattack After Prolonged Service Outage
MoneyGram, a prominent international money transfer service, has disclosed it was targeted by a cyberattack, causing an extended network outage that affected several of its
Severe Vulnerability in Microchip ASF Puts IoT Devices at Risk of Remote Code Execution
A critical vulnerability in the Microchip Advanced Software Framework (ASF) has been uncovered, potentially allowing remote code execution (RCE) via a stack-based overflow in the
Discord Unveils DAVE Protocol for End-to-End Encryption in Voice and Video Calls
Discord has announced the launch of a new end-to-end encryption (E2EE) protocol called DAVE (Discord’s Audio and Video End-to-End Encryption), aimed at securing audio and
New PondRAT Malware Embedded in Python Packages Targets Software Developers
North Korean-linked hackers have been using tainted Python packages to deploy a new malware named PondRAT, according to Palo Alto Networks’ Unit 42. PondRAT is
Chinese Hackers Leverage GeoServer Vulnerability to Deploy EAGLEDOOR Malware in Attacks on APAC Nations
A Chinese-linked advanced persistent threat (APT), identified as Earth Baxia, has been targeting government organizations in Taiwan and other Asia-Pacific (APAC) nations by exploiting a
Severe FreeBSD Hypervisor Flaw Enables Attackers to Run Malicious Code
A critical vulnerability has been uncovered in the FreeBSD hypervisor, bhyve, that allows malicious software within a guest virtual machine (VM) to execute arbitrary code
TeamTNT Hackers Targeting VPS Servers Running CentOS
The hacking group TeamTNT, notorious for its cryptojacking campaigns, has re-emerged with a new attack targeting Virtual Private Servers (VPS) running on the CentOS operating
Severe Ivanti Cloud Appliance Vulnerability Targeted in Ongoing Cyberattacks
Ivanti has disclosed a critical vulnerability affecting its Cloud Service Appliance (CSA), which is currently being actively exploited. The flaw, identified as CVE-2024-8963, holds a
Alert for Travelers: Phishing Scams Targeting Booking.com Users
Phishing scams, a form of social engineering, deceive victims into sharing sensitive data by impersonating trusted organizations. Attackers commonly pose as banks or companies through
Hezbollah Rocked by Explosive Cyberattack: Malware Causes Pager Batteries to Detonate, Injuring Hundreds
A significant security incident occurred within Hezbollah in Lebanon when malware infiltrated the group’s communication systems, leading to explosions in pager batteries. The explosions, which
Google Chrome Adopts ML-KEM for Enhanced Post-Quantum Cryptography Defense
Google has announced its plan to transition from KYBER to ML-KEM in its Chrome browser as part of ongoing efforts to protect against threats posed
U.S. Treasury Imposes Sanctions on Executives Tied to Intellexa’s Predator Spyware Operation
The U.S. Department of Treasury has introduced new sanctions against five executives and one entity linked to the Intellexa Consortium for their involvement in the
Watch Out for Fraudulent AppleCare+ Services Scamming Users
A malicious operation has been uncovered, targeting Mac users searching for AppleCare+ support or extended warranty services. Scammers are purchasing Google ads to direct victims
Apple Withdraws Spyware Lawsuit Against NSO Group Over Concerns of Threat Intelligence Exposure
Apple has filed a motion to voluntarily dismiss its lawsuit against NSO Group, citing the evolving threat landscape and the risk of exposing critical security
Cybercriminals Leverage HTTP Headers in Large-Scale Phishing Campaigns for Credential Theft
Cybersecurity researchers have flagged an ongoing phishing campaign that exploits refresh entries in HTTP headers to deliver fake email login pages aimed at stealing user
Medusa Ransomware Leveraging Fortinet Vulnerability for Advanced Attacks
The Medusa ransomware group has been exploiting a critical SQL injection vulnerability in Fortinet’s FortiClient EMS software, identified as CVE-2023-48788. This flaw allows attackers to
Azure API Management Flaw Allowed Privilege Escalation
A critical vulnerability was identified in Azure API Management (APIM), allowing users with Reader-level access to escalate their privileges to Contributor-level access. This flaw enabled
Kawasaki Europe Confirms Cyberattack with RansomHub Claiming Responsibility
Kawasaki Motors Europe (KME) confirmed a cyberattack in early September that briefly disrupted its operations, though the company stated the attack was ultimately unsuccessful. As
Port of Seattle Confirms August Cyberattack Involving Rhysida Ransomware
The Port of Seattle has confirmed that the Rhysida ransomware group was behind the cyberattack that disrupted its operations on August 24, 2024. The attack
Ivanti Issues Warning on Active Exploitation of Recently Patched Cloud Appliance Vulnerability
Ivanti recently disclosed that a newly patched security flaw in its Cloud Service Appliance (CSA) is being actively exploited. The vulnerability, tracked as CVE-2024-8190 with
Apple Vision Pro Vulnerability Exposes Virtual Keyboard Inputs to Attackers
A recently revealed security flaw in Apple’s Vision Pro mixed reality headset, now patched, could have allowed attackers to deduce data entered via the device’s
17-Year-Old Arrested Over Cyber Attack on Transport for London
British authorities announced the arrest of a 17-year-old male from Walsall in connection with a cyber attack on Transport for London (TfL) that occurred on
TrickMo Android Trojan Exploits Accessibility Services for On-Device Banking Fraud
Cybersecurity researchers have identified a new variant of the Android banking trojan TrickMo, equipped with enhanced features for evading detection and capturing victims’ banking credentials
New Linux Malware Campaign Targets Oracle WebLogic Servers for Cryptocurrency Mining
Cybersecurity researchers have identified a new malware campaign targeting Linux systems to perform unauthorized cryptocurrency mining, specifically exploiting Oracle WebLogic servers. According to cloud security
New Vo1d Malware Hits 1.3 Million Android TV Boxes Globally
Nearly 1.3 million Android-based TV boxes, running outdated versions of the operating system and used in 197 countries, have been compromised by a new malware
New Android malware named ‘Ajina.Banker’ is targeting financial data and bypassing two-factor authentication (2FA) through Telegram.
There has been a new Ajina strain of Android malware since at least November 2024. In an attempt to obtain financial data and intercept two-factor authentication