exploit
-
Hackers Exploit COM Objects for Fileless Malware and Lateral Movement
Security researchers Dylan Tran and Jimmy Bayne have unveiled a new fileless lateral movement technique that exploits trapped Component Object…
Read More » -
Threat Actors Use “Atlantis AIO” Tool to Automate Credential Stuffing Attacks
In a concerning development for cybersecurity professionals, threat actors are increasingly utilizing a powerful tool called Atlantis AIO to automate…
Read More » -
New Specter Insight C2 Tool Fuels ClickFix-Based Hacking Campaigns
A recent cybersecurity investigation has uncovered a previously unidentified Command and Control (C2) framework, dubbed Specter Insight C2. This discovery was…
Read More » -
Hackers Deploy Fake Semrush Ads to Steal Google Account Credentials
In a recent cybersecurity threat, hackers have been using fake Semrush ads to target Google account credentials. This campaign involves…
Read More » -
JumpServer Flaws Allow Attackers to Bypass Authentication and Gain Full Control
JumpServer, a widely used open-source Privileged Access Management (PAM) tool developed by Fit2Cloud, has been found to have critical security…
Read More » -
Researchers Reveal macOS Vulnerability Exposing System Passwords
A recent article by Noah Gregory has highlighted a significant vulnerability in macOS, identified as CVE-2024-54471, which was patched in…
Read More » -
Attackers Leverage Weaponized CAPTCHAs to Execute PowerShell and Deploy Malware
In a recent surge of sophisticated cyberattacks, threat actors have been utilizing fake CAPTCHA challenges to trick users into executing…
Read More » -
Veeam RCE Vulnerability Allows Domain Users to Hack Backup Servers
Researchers uncovered critical Remote Code Execution (RCE) vulnerabilities in the Veeam Backup & Replication solution. These vulnerabilities, which include CVE-2025-23120,…
Read More » -
Signal Messenger Exploited in Targeted Attacks on Defense Industry Employees
The Computer Emergency Response Team of Ukraine (CERT-UA) has reported a series of targeted cyberattacks against employees of the defense-industrial…
Read More » -
Electromagnetic Side-Channel Analysis of Cryptographically Secured Devices
Electromagnetic (EM) side-channel analysis has emerged as a significant threat to cryptographically secured devices, particularly in the era of the…
Read More » -
Crypto Platform OKX Suspends Tool Abused by North Korean Hackers
Cryptocurrency platform OKX has announced the temporary suspension of its Decentralized Exchange (DEX) aggregator tool. This decision comes on the…
Read More » -
Hackers Exploit Tomcat Vulnerability to Hijack Apache Servers
A recent and significant cybersecurity threat has emerged involving a critical vulnerability in Apache Tomcat, identified as CVE-2025-24813. This vulnerability…
Read More » -
Critical ruby-saml Vulnerabilities Allow Attackers to Bypass Authentication
A critical security vulnerability has been identified in the ruby-saml library, a popular tool used for Single Sign-On (SSO) via…
Read More » -
Lazarus Group Weaponizes IIS Servers for Deploying Malicious ASP Web Shells
The notorious Lazarus group has been identified as leveraging compromised IIS servers to deploy malicious ASP web shells. These sophisticated…
Read More » -
New Context Compliance Exploit Jailbreaks Major AI Models
Microsoft researchers have uncovered a surprisingly straightforward method that can bypass safety guardrails in most leading AI systems. In a…
Read More » -
DeepSeek R1 Jailbreaked to Create Malware, Including Keyloggers and Ransomware
The increasing popularity of generative artificial intelligence (GenAI) tools, such as OpenAI’s ChatGPT and Google’s Gemini, has attracted cybercriminals seeking…
Read More » -
Cisco Warns of Critical IOS XR Vulnerability Enabling DoS Attacks
Cisco has issued a security advisory warning of a vulnerability in its IOS XR Software that could allow attackers to…
Read More » -
Edimax Camera RCE Vulnerability Exploited to Spread Mirai Malware
A recent alert from the Akamai Security Intelligence and Response Team (SIRT) has highlighted the exploitation of a severe command…
Read More » -
AWS SNS Exploited for Data Exfiltration and Phishing Attacks
Amazon Web Services’ Simple Notification Service (AWS SNS) is a versatile cloud-based pub/sub service that facilitates communication between applications and…
Read More » -
Using AI-Driven Cybersecurity Training to Counter Emerging Threats
As Artificial Intelligence (AI)-powered cyber threats surge, INE Security, a global leader in cybersecurity training and certification, is launching a…
Read More »