Cybersecurity News
-
Foxit PDF Editor Vulnerabilities Allows Remote Code Execution
Foxit Software has issued critical security updates for its widely used PDF solutions, Foxit PDF Reader and Foxit PDF Editor. The updates—Foxit PDF Reader 2024.4 and Foxit PDF Editor 2024.4/13.1.5—were…
Read More » -
Siemens UMC Vulnerability Allows Arbitrary Remote Code Execution
72 Hours to Audit-Ready API Security APIs present a unique challenge in this landscape, as risk assessment and mitigation are often hindered by incomplete API inventories and insufficient documentation. Join…
Read More » -
Threat Actors Selling Nunu Stealer On Hacker Forums
A new malware variant called Nunu Stealer is making headlines after being advertised on underground hacker forums and Telegram channels. Priced at $100 per month, this malicious tool is gaining attention for…
Read More » -
Malicious Supply Chain Attacking Moving From npm Community To VSCode Marketplace
Researchers have identified a rise in malicious activity on the VSCode Marketplace, highlighting the vulnerability of the platform to supply chain attacks similar to those previously seen in the npm…
Read More » -
Beware Of Malicious SharePoint Notifications That Delivers Xloader Malware
Through the use of XLoader and impersonating SharePoint notifications, researchers were able to identify a sophisticated malware delivery campaign. A link that was disguised as a legitimate SharePoint notification was…
Read More » -
CISA Released Secure Mobile Communication Best Practices
The Cybersecurity and Infrastructure Security Agency (CISA) has released new best practice guidance to safeguard mobile communications amid rising concerns over cyber espionage activities linked to People’s Republic of China…
Read More » -
INTERPOL Urges to End ‘Pig Butchering’ & Replaces With “Romance Baiting”
INTERPOL has called for the term “romance baiting” to replace “pig butchering,” a phrase widely used to describe a manipulative scam where victims are emotionally exploited and financially defrauded. The…
Read More » -
New VIPKeyLogger Via Weaponized Office Documenrs Steals Login Credentials
The VIPKeyLogger infostealer, exhibiting similarities to the Snake Keylogger, is actively circulating through phishing campaigns. Delivered as attachments disguised as archives or Microsoft 365 files, it employs malicious Microsoft Office…
Read More » -
Beware of Malicious Ads on Captcha Pages that Deliver Password Stealers
Malicious actors have taken cybercrime to new heights by exploiting captcha verification pages, a typically harmless security feature, to launch large-scale malware distribution campaigns. This startling revelation uncovers how these…
Read More » -
Texas Tech Systems Breach, Hackers Accessed System Folders & Files
The Texas Tech University Health Sciences Center (TTUHSC) and Texas Tech University Health Sciences Center El Paso (TTUHSC El Paso), collectively known as the HSCs, have disclosed a significant cybersecurity…
Read More » -
Hackers Weaponizing Microsoft Teams to Gain Remote Access
Recent cybersecurity research has uncovered a concerning trend where hackers are exploiting Microsoft Teams to gain remote access to victim systems. Utilizing sophisticated social engineering tactics, these malicious actors pose…
Read More » -
The Rise of AI-Generated Professional Headshots
It’s clear that a person’s reputation is increasingly influenced by their online presence, which spans platforms like LinkedIn, corporate websites, and various professional networks. In today’s digital age, having a…
Read More » -
Hackers Exploiting Apache Struts2 Vulnerability to upload Malicious Payloads
Hackers have begun exploiting a newly discovered vulnerability in Apache Struts2, a widely used open-source framework for developing Java web applications. The vulnerability, assigned the identifier CVE-2024-53677, has a critical…
Read More »