evolving
-
New Zhong Stealer Malware Exploit Zendesk to Attack Fintech and Cryptocurrency
A newly identified malware, dubbed Zhong Stealer, has emerged as a significant threat to the fintech and cryptocurrency sectors. Any.run…
Read More » -
Nagios XI Flaw Exposes User Details and Emails to Unauthenticated Attackers”
A security vulnerability in Nagios XI 2024R1.2.2, tracked as CVE-2024-54961, has been disclosed, allowing unauthenticated attackers to retrieve sensitive user…
Read More » -
New Darcula 3.0 Tool Generates Phishing Kits to Mimic Global Brands
The cybercriminal group behind the notorious “darcula-suite” platform has unveiled its latest iteration, darcula 3.0, which introduces groundbreaking capabilities for…
Read More » -
Check Point Software to Open First Asia-Pacific R&D Centre in Bengaluru, India
Check Point Software Technologies Ltd. has announced plans to establish its inaugural Asia-Pacific Research and Development (R&D) Centre in Bengaluru,…
Read More » -
Threat Actors Trojanize Popular Games to Evade Security and Infect Systems
A sophisticated malware campaign was launched by cybercriminals, targeting users through trojanized versions of popular games. Exploiting the holiday season’s…
Read More » -
Highly Obfuscated .NET sectopRAT Mimic as Chrome Extension
SectopRAT, also known as Arechclient2, is a sophisticated Remote Access Trojan (RAT) developed using the .NET framework. This malware is…
Read More » -
Zacks Investment Data Breach Exposes 12 Million Emails and Phone Numbers
A cybersecurity incident at Zacks Investment Research has exposed sensitive data belonging to 12 million users, marking the second major…
Read More » -
Ransomware Gangs Encrypt Systems 17 Hours After Initial Infection
Ransomware gangs are accelerating their operations, with the average time-to-ransom (TTR), the period between initial system compromise and the deployment…
Read More » -
Astaroth 2FA Phishing Kit Targets Gmail, Yahoo, Office 365, and Third-Party Logins
A new phishing kit named Astaroth has emerged as a significant threat in the cybersecurity landscape by bypassing two-factor authentication…
Read More » -
Arbitrary File Upload Vulnerability in WordPress Plugin Let Attackers Hack 30,000 Website
A subgroup of the Russian state-sponsored hacking group Seashell Blizzard, also known as Sandworm, has intensified its cyber operations through…
Read More » -
Breaking macOS Apple Silicon Kernel Hardening: KASLR Exploited
Security researchers from Korea University have successfully demonstrated a groundbreaking attack, dubbed SysBumps, which bypasses Kernel Address Space Layout Randomization…
Read More » -
Akira Ransomware Dominates January 2025 as the Most Active Ransomware Threat
January 2025 marked a pivotal month in the ransomware landscape, with Akira emerging as the most active and dominant threat…
Read More » -
New Scareware Attack Targeting Mobile Users to Deploy Malicious Antivirus Apps
A new wave of scareware attacks has emerged, targeting unsuspecting mobile users with fake antivirus applications designed to exploit fear…
Read More » -
A Novel Defense Against Backdoor Attacks
Semantic communication systems, powered by Generative AI (GAI), are transforming the way information is transmitted by focusing on the meaning…
Read More » -
Real-World AD Breaches and the Future of Cybersecurity
Large Language Models (LLMs) are transforming penetration testing (pen testing), leveraging their advanced reasoning and automation capabilities to simulate sophisticated…
Read More » -
Hackers Impersonate Top Tax Firm with 40,000 Phishing Messages to Steal Credentials.
Proofpoint researchers have identified a marked increase in phishing campaigns and malicious domain registrations designed to exploit tax filing season.…
Read More » -
PayPal Fined $2 Million Fine For Violating Cybersecurity Regulations
The New York State Department of Financial Services (NYDFS) has imposed a $2 million penalty on PayPal, Inc. for breaches…
Read More » -
CISA Releases Six ICS Advisories Details Security Issues
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) issued six Industrial Control Systems (ICS) advisories addressing vulnerabilities in a range…
Read More » -
New Supply Chain Attack Targeting Chrome Extensions to Inject Malicious Code
A sophisticated supply chain attack targeting Chrome browser extensions has come to light, potentially compromising hundreds of thousands of users.…
Read More »