malicious
-
Linux Boot Vulnerability Lets Attackers Bypass Secure Boot Protections
A newly highlighted vulnerability in the Linux boot process exposes a critical weakness in the security posture of many modern…
Read More » -
Writable File in Lenovo Path Lets Attackers Evade AppLocker Restrictions
A security researcher has uncovered a significant vulnerability affecting Lenovo computers: a writable file within the Windows directory that can…
Read More » -
Hackers Abuse Legitimate Inno Setup Installer to Deliver Malware
Cybercriminals are increasingly weaponizing legitimate software installer frameworks like Inno Setup to distribute malware, turning user-friendly tools into covert vehicles…
Read More » -
Scattered Spider Enhances Tactics to Exploit Legitimate Tools for Evasion and Persistence
Scattered Spider, also tracked under aliases such as UNC3944, Scatter Swine, and Muddled Libra, has emerged as a formidable financially…
Read More » -
SquareX Reveals That Employees Are No Longer The Weakest Link, Browser AI Agents Are
Every security practitioner knows that employees are the weakest link in an organization, butthis is no longer the case. SquareX’s…
Read More » -
Malicious SEO Plugins on WordPress Can Lead to Site Takeover
A new wave of cyberattacks is targeting WordPress websites through malicious SEO plugins that can lead to complete site takeover.…
Read More » -
Multiple PHP Vulnerabilities Enables SQLi and DoS Attacks – Update Now
Security researchers have disclosed two significant vulnerabilities in PHP, the popular server-side scripting language, that could allow attackers to launch…
Read More » -
Surge in LNK File Weaponization by 50%, Fueling Four Major Malware Types
The weaponization of Windows shortcut (LNK) files for malware distribution has increased by an astounding 50%, according to telemetry data,…
Read More » -
Chinese Student Charged in Mass Smishing Campaign to Steal Victims’ Personal Information
Ruichen Xiong, a student from China, has been sentenced to over a year in prison at Inner London Crown Court…
Read More » -
Over 600K WordPress Sites at Risk Due to Critical Plugin Vulnerability
A critical security flaw in the popular Forminator WordPress plugin has put more than 600,000 websites worldwide at risk of remote takeover,…
Read More » -
Hackers Deliver Remcos Malware Via .pif Files and UAC Bypass in Windows
A sophisticated phishing campaign has emerged, distributing the notorious Remcos Remote Access Trojan (RAT) through the DBatLoader malware. This attack…
Read More » -
Hackers Leverage Critical Langflow Flaw to Deploy Flodrix Botnet and Seize System Control
A sophisticated cyberattack campaign has emerged, exploiting a critical vulnerability in Langflow, a widely-used Python-based framework for building AI applications,…
Read More » -
Threat Actors Transform GIFTEDCROOK Stealer into an Intelligence-Gathering Tool
The Arctic Wolf Labs team has uncovered a dramatic transformation in the capabilities of the GIFTEDCROOK infostealer, wielded by the…
Read More » -
Threat Actors Exploit Windows and Linux Server Vulnerabilities to Deploy Web Shells
Threat actors have been observed exploiting file upload vulnerabilities to deploy web shells and advanced malware on both Windows and…
Read More » -
ESET Warns Cybercriminals Are Targeting NFC Data for Contactless Payments
ESET researchers have uncovered a sophisticated attack vector exploiting Near Field Communication (NFC) data, initially targeting Czech banking customers but…
Read More » -
Threat Actors Use Clickfix Tactics to Deploy Malicious AppleScripts for Stealing Login Credentials
A sophisticated malware campaign dubbed Odyssey Stealer has been uncovered, targeting macOS users through a deceptive method known as Clickfix…
Read More » -
Threat Actors Use Clickfix Tactics to Deploy Malicious AppleScripts for Stealing Login Credentials
In a recent discovery by the CYFIRMA research team, a sophisticated malware campaign dubbed Odyssey Stealer has been uncovered, targeting…
Read More »