Cybersecurity News
-
Users Report Disruptions in Web Camera and USB Devices
Windows 11 KB5050009 for version 24H2 has sparked widespread frustrations among users due to a slew of compatibility and functionality issues. Reports indicate that the update, which aims to introduce…
Read More » -
Critical IBM Security Directory Vulnerability Enables Session Cookie Theft
Free Webinar – DevSecOps Hacks By embedding security into your CI/CD workflows, you can shift left, streamline your DevSecOps processes, and release secure applications faster—all while saving time and resources.…
Read More » -
White House Considers Oracle-Led Takeover of TikTok with U.S. Investors
In a significant development, the Trump administration is reportedly formulating a plan to prevent a nationwide ban on TikTok, involving Oracle and a consortium of private investors. Under the proposed…
Read More » -
Researchers Exploited Windows Charset Conversion Feature to Execute Remote Code
Researchers have exposed a systemic vulnerability within the Windows operating system, leveraging its “Best-Fit” charset conversion feature to bypass security checks and execute remote code. The findings highlight widespread implications…
Read More » -
PayPal Fined $2 Million Fine For Violating Cybersecurity Regulations
The New York State Department of Financial Services (NYDFS) has imposed a $2 million penalty on PayPal, Inc. for breaches of the state’s stringent cybersecurity regulations. The fine marks a…
Read More » -
INE Security Alert: Expediting CMMC 2.0 Compliance – GBHackers Security
Free Webinar – DevSecOps Hacks By embedding security into your CI/CD workflows, you can shift left, streamline your DevSecOps processes, and release secure applications faster—all while saving time and resources.…
Read More » -
Beware of Fake Captcha Verifications Spreading Lumma Malware
In January, Netskope Threat Labs uncovered a sophisticated global malware campaign leveraging fake CAPTCHA pages to deliver the Lumma Stealer malware. Lumma, a malware-as-a-service (MaaS) tool that has been active…
Read More » -
Juniper Routers Exploited via Magic Packet Vulnerability to Deploy Custom Backdoor
A sophisticated cyber campaign dubbed “J-magic” has been discovered targeting enterprise-grade Juniper routers with a backdoor attack that leverages a passive monitoring agent. The operation, first detected in September 2023,…
Read More » -
CISA Releases Six ICS Advisories Details Security Issues
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) issued six Industrial Control Systems (ICS) advisories addressing vulnerabilities in a range of critical systems. These advisories aim to inform organizations about…
Read More » -
Subaru’s STARLINK Connected Car’s Vulnerability Let Attackers Gain Restricted Access
In a groundbreaking discovery on November 20, 2024, cybersecurity researchers Shubham Shah and a colleague unearthed a major security vulnerability in Subaru’s STARLINK connected vehicle service. The flaw allowed unauthorized,…
Read More » -
New Supply Chain Attack Targeting Chrome Extensions to Inject Malicious Code
A sophisticated supply chain attack targeting Chrome browser extensions has come to light, potentially compromising hundreds of thousands of users. The attack, which unfolded in December 2024, involved phishing campaigns…
Read More » -
Ex-CIA analyst pleaded guilty For Leaking Top Secret National Defense Information
A former CIA analyst, Asif William Rahman, has pleaded guilty to charges of retaining and transmitting Top Secret National Defense Information to unauthorized recipients. This alarming breach of national security…
Read More » -
AI-Powered Static Application Security Testing in the Developer Toolkit
In today’s app dev world, where new apps and millions of lines of code are being deployed every day, the need for fast and secure development practices has never been…
Read More » -
Criminal IP and OnTheHub Partner to Deliver Advanced Cybersecurity Solutions for Education
AI SPERA, a leading Cyber Threat Intelligence (CTI) provider, has collaborated with OnTheHub, a global provider of software in education, to deliver its integrated cybersecurity solution, Criminal IP, to students…
Read More » -
Brave Browser Vulnerability Allows Malicious Website Appears as Trusted One
A security vulnerability has been identified in Brave Browser, potentially allowing malicious websites to masquerade as trusted ones during file upload or download operations. The issue, tracked under CVE-2025-23086, affects…
Read More » -
Researchers Accessed Windows BitLocker Encrypted Files Disassembling the Laptop
Cybersecurity researchers have uncovered a major flaw in the Windows BitLocker encryption system, allowing attackers to access encrypted data without requiring physical disassembly of the target laptop. The exploit, named “bitpixie”,…
Read More » -
CISA Warns of Aviatrix Controllers OS Command Injection Vulnerability Exploited in Wild
The Cybersecurity and Infrastructure Security Agency (CISA) has issued a critical alert regarding a significant OS command injection vulnerability in Aviatrix Controllers, identified as CVE-2024-50603. This vulnerability poses a serious risk,…
Read More »