embedded
-
June 3, 2025
New Linux PumaBot Targets IoT Devices with SSH Credential Brute-Force Attack
A new and insidious threat has surfaced in the cybersecurity landscape as Darktrace’s Threat Research team uncovers PumaBot, a Go-based…
Read More » -
June 3, 2025
New Safari XSS Vulnerability Exploits JavaScript Error Handling to Run Arbitrary Code
Cross-site scripting (XSS) remains one of the most persistent threats in web security, but most discussions focus on traditional vectors.…
Read More » -
May 31, 2025
Weaponized AI Tool Installers Infect Devices with Ransomware
Cisco Talos has uncovered a series of malicious threats masquerading as legitimate AI tool installers, targeting unsuspecting users and businesses…
Read More » -
May 31, 2025
Threat Actors Exploit Google Apps Script to Host Phishing Sites
The Cofense Phishing Defense Center has uncovered a highly strategic phishing campaign that leverages Google Apps Script a legitimate development…
Read More » -
May 29, 2025
UTG-Q-015 Hackers Launch Massive Brute-Force Attacks on Government Web Servers
The hacker group UTG-Q-015, first identified in December 2024 for mounting attacks on major websites like CSDN, has escalated its…
Read More » -
May 24, 2025
Chinese Nexus Hackers Exploit Ivanti Endpoint Manager Mobile Vulnerability
Ivanti disclosed two critical vulnerabilities, identified as CVE-2025-4427 and CVE-2025-4428, affecting Ivanti Endpoint Manager Mobile (EPMM) version 12.5.0.0 and earlier.…
Read More » -
May 22, 2025
CefSharp Enumeration Tool Identifies Critical Security Issues in .NET Desktop Applications
Cybersecurity researchers and red teamers, a newly released tool named CefEnum is shedding light on critical security flaws in .NET-based…
Read More » -
May 20, 2025
Accenture Files Leak – New Research Reveals Projects Controlling Billions of User Data
A new research report released today by Progressive International, Expose Accenture, and the Movement Research Unit uncovers the sprawling influence…
Read More » -
May 20, 2025
New Phishing Attack Poses as Zoom Meeting Invites to Steal Login Credentials
A newly identified phishing campaign is targeting unsuspecting users by masquerading as urgent Zoom meeting invitations from colleagues. This deceptive…
Read More » -
May 17, 2025
Sophisticated NPM Attack Leverages Google Calendar2 for Advanced Communication
A startling discovery in the npm ecosystem has revealed a highly sophisticated malware campaign embedded within the seemingly innocuous package…
Read More » -
May 14, 2025
Threat Actors Leverage Weaponized HTML Files to Deliver Horabot Malware
A recent discovery by FortiGuard Labs has unveiled a cunning phishing campaign orchestrated by threat actors deploying Horabot malware, predominantly…
Read More » -
May 14, 2025
Weaponized PyPI Package Targets Developers to Steal Source Code
Security researchers at RL have discovered a malicious Python package called “solana-token” on PyPI that is intended to prey on…
Read More » -
May 12, 2025
Metasploit Update Adds Erlang/OTP SSH Exploit and OPNSense Scanner
The open-source penetration testing toolkit Metasploit has unveiled a major update, introducing four new modules, including a highly anticipated exploit…
Read More » -
May 10, 2025
Phishing Scams on the Rise with Sophisticated PhaaS Toolkits and Realistic Fake Pages
Cybersecurity experts are raising alarms over the proliferation of increasingly sophisticated phishing techniques that leverage dedicated Phishing-as-a-Service (PhaaS) toolkits to…
Read More » -
May 10, 2025
New Stealthy .NET Malware Hiding Malicious Payloads within bitmap resources
Cybersecurity researchers at Palo Alto Networks’ Unit 42 have uncovered a novel obfuscation method employed by threat actors to conceal…
Read More » -
May 9, 2025
IXON VPN Client Vulnerability Allows Privilege Escalation for Attackers
A critical security vulnerability in IXON’s widely used VPN client has exposed Windows, Linux, and macOS systems to local privilege…
Read More » -
April 30, 2025
Trellix Launches Phishing Simulator to Help Organizations Detect and Prevent Attacks
Trellix, a leader in cybersecurity solutions, has unveiled its latest innovation, the Trellix Phishing Simulator, designed to empower organizations in…
Read More » -
April 28, 2025
Advanced Multi-Stage Carding Attack Hits Magento Site Using Fake GIFs and Reverse Proxy Malware
A multi-stage carding attack has been uncovered targeting a Magento eCommerce website running an outdated version 1.9.2.4. This version, unsupported…
Read More » -
April 18, 2025
Building a Security-First Culture – Advice from Industry CISOs
In today’s threat landscape, cybersecurity is no longer confined to firewalls and encryption it’s a cultural imperative. Chief Information Security…
Read More » -
April 14, 2025
BPFDoor Malware Uses Reverse Shell to Expand Control Over Compromised Networks
A new wave of cyber espionage attacks has brought BPFDoor malware into the spotlight as a stealthy and dangerous tool…
Read More »