data
-
Attackers Leverage Weaponized CAPTCHAs to Execute PowerShell and Deploy Malware
In a recent surge of sophisticated cyberattacks, threat actors have been utilizing fake CAPTCHA challenges to trick users into executing…
Read More » -
New Steganographic Malware Hides in JPEG Files to Spread Infostealers
A recent cybersecurity threat has been identified, where steganographic malware is being distributed through seemingly innocuous JPEG image files. This…
Read More » -
mySCADA myPRO Manager RCE Vulnerabilities Allow Remote Attackers to Take Control of ICS Devices
In a significant discovery, PRODAFT’s security research team has identified two critical vulnerabilities in the mySCADA myPRO Manager, a widely…
Read More » -
Severe AMI BMC Vulnerability Enables Remote Authentication Bypass by Attackers
A critical vulnerability has been discovered in AMI’s MegaRAC software, which is used in Baseboard Management Controllers (BMCs) across various…
Read More » -
Electromagnetic Side-Channel Analysis of Cryptographically Secured Devices
Electromagnetic (EM) side-channel analysis has emerged as a significant threat to cryptographically secured devices, particularly in the era of the…
Read More » -
Hackers Rapidly Adopt ClickFix Technique for Sophisticated Attacks
In recent months, a sophisticated social engineering technique known as ClickFix has gained significant traction among cybercriminals and nation-state-sponsored groups.…
Read More » -
Hackers Exploit Tomcat Vulnerability to Hijack Apache Servers
A recent and significant cybersecurity threat has emerged involving a critical vulnerability in Apache Tomcat, identified as CVE-2025-24813. This vulnerability…
Read More » -
Lazarus Group Weaponizes IIS Servers for Deploying Malicious ASP Web Shells
The notorious Lazarus group has been identified as leveraging compromised IIS servers to deploy malicious ASP web shells. These sophisticated…
Read More » -
Cisco Warns of Critical IOS XR Vulnerability Enabling DoS Attacks
Cisco has issued a security advisory warning of a vulnerability in its IOS XR Software that could allow attackers to…
Read More » -
AWS SNS Exploited for Data Exfiltration and Phishing Attacks
Amazon Web Services’ Simple Notification Service (AWS SNS) is a versatile cloud-based pub/sub service that facilitates communication between applications and…
Read More »