malicious
-
Hackers Exploit Tomcat Vulnerability to Hijack Apache Servers
A recent and significant cybersecurity threat has emerged involving a critical vulnerability in Apache Tomcat, identified as CVE-2025-24813. This vulnerability…
Read More » -
Critical ruby-saml Vulnerabilities Allow Attackers to Bypass Authentication
A critical security vulnerability has been identified in the ruby-saml library, a popular tool used for Single Sign-On (SSO) via…
Read More » -
Lazarus Group Weaponizes IIS Servers for Deploying Malicious ASP Web Shells
The notorious Lazarus group has been identified as leveraging compromised IIS servers to deploy malicious ASP web shells. These sophisticated…
Read More » -
DeepSeek R1 Jailbreaked to Create Malware, Including Keyloggers and Ransomware
The increasing popularity of generative artificial intelligence (GenAI) tools, such as OpenAI’s ChatGPT and Google’s Gemini, has attracted cybercriminals seeking…
Read More » -
AWS SNS Exploited for Data Exfiltration and Phishing Attacks
Amazon Web Services’ Simple Notification Service (AWS SNS) is a versatile cloud-based pub/sub service that facilitates communication between applications and…
Read More » -
Hackers Exploiting Exposed Jupyter Notebooks to Deploy Cryptominers
Cado Security Labs has identified a sophisticated cryptomining campaign exploiting misconfigured Jupyter Notebooks, targeting both Windows and Linux systems. The…
Read More » -
Blind Eagle Targets Organizations with Weaponized .URL Files to Steal User Hashes
In a significant development in the cybersecurity landscape, APT-C-36, more commonly known as Blind Eagle, has intensified its operations targeting…
Read More » -
Jaguar Land Rover Allegedly Hit by Cyberattack, Hacker Claims
A threat actor known as “Rey” has come forward on a prominent dark web forum, claiming responsibility for a significant…
Read More » -
Critical Veritas Vulnerability Allows Attackers to Execute Malicious Code
A critical vulnerability has been discovered in Veritas’ Arctera InfoScale product, a solution widely used for disaster recovery and high…
Read More » -
North Korean IT Workers Linked to 2,400 Astrill VPN IP Addresses
new data has emerged linking over 2,400 IP addresses associated with Astrill VPN to individuals believed to be North Korean…
Read More » -
WinDbg Vulnerability Allows Attackers to Execute Remote Code
Microsoft recently disclosed a critical vulnerability impacting its debugging tool, WinDbg, and associated .NET packages. Tracked CVE-2025-24043, this flaw allows…
Read More » -
New PyPI Malware Targets Developers to Steal Ethereum Wallets
A recent discovery by the Socket Research Team has unveiled a malicious PyPI package named set-utils, designed to steal Ethereum…
Read More » -
Lumma Stealer Using Fake Google Meet & Windows Update Sites to Launch “Click Fix” Style Attack
Cybersecurity researchers continue to track sophisticated “Click Fix” style distribution campaigns that deliver the notorious Lumma Stealer malware to unsuspecting…
Read More » -
10 Best Penetration Testing Companies in 2025
Penetration testing companies play a vital role in strengthening the cybersecurity defenses of organizations by identifying vulnerabilities in their systems,…
Read More » -
NVIDIA Issues Warning About Severe Security Flaws Enabling Code Attacks
NVIDIA has issued an urgent security bulletin urging customers using its Hopper HGX 8-GPU High-Performance Computing (HMC) systems to immediately install firmware…
Read More » -
Pathfinder AI – Hunters Announces New AI Capabilities for Smarter SOC Automation
Pathfinder AI expands Hunters’ vision for AI-driven SOCs, introducing Agentic AI for autonomous investigation and response. Hunters, the leader in…
Read More » -
Threat Actors Exploiting AES Encryption for Stealthy Payload Protection
Cybersecurity researchers have uncovered a surge in the use of Advanced Encryption Standard (AES) encryption by threat actors to shield…
Read More » -
New GitHub Scam Uses Fake “Mods” and “Cracks” to Steal User Data
A sophisticated malware campaign leveraging GitHub repositories disguised as game modifications and cracked software has been uncovered, exposing a dangerous…
Read More »