malicious
-
Subaru’s STARLINK Connected Car’s Vulnerability Let Attackers Gain Restricted Access
In a groundbreaking discovery on November 20, 2024, cybersecurity researchers Shubham Shah and a colleague unearthed a major security vulnerability…
Read More » -
New Supply Chain Attack Targeting Chrome Extensions to Inject Malicious Code
A sophisticated supply chain attack targeting Chrome browser extensions has come to light, potentially compromising hundreds of thousands of users.…
Read More » -
Criminal IP and OnTheHub Partner to Deliver Advanced Cybersecurity Solutions for Education
AI SPERA, a leading Cyber Threat Intelligence (CTI) provider, has collaborated with OnTheHub, a global provider of software in education,…
Read More » -
Brave Browser Vulnerability Allows Malicious Website Appears as Trusted One
A security vulnerability has been identified in Brave Browser, potentially allowing malicious websites to masquerade as trusted ones during file…
Read More » -
CISA Warns of Aviatrix Controllers OS Command Injection Vulnerability Exploited in Wild
The Cybersecurity and Infrastructure Security Agency (CISA) has issued a critical alert regarding a significant OS command injection vulnerability in…
Read More » -
New Tool Unveiled to Scan Hacking Content on Telegram
A Russian software developer, aided by the National Technology Initiative, has introduced a groundbreaking AI module designed to monitor and…
Read More » -
Hackers Bypass Active Directory Group Policy to Allow Vulnerable NTLMv1 Auth Protocol
Researchers have discovered a critical flaw in Active Directory’s NTLMv1 mitigation strategy, where misconfigured on-premises applications can bypass Group Policy…
Read More » -
AWS Warns of Multiple Vulnerabilities in Amazon WorkSpaces, Amazon AppStream 2.0, & Amazon DCV
Amazon Web Services (AWS) has issued a critical security advisory highlighting vulnerabilities in specific versions of its native clients for…
Read More » -
AIRASHI Botnet Exploiting 0DAY Vulnerabilities In Large Scale DDoS Attacks
AISURU botnet launched a DDoS attack targeting Black Myth: Wukong distribution platforms in August 2024 that leveraged a 0DAY vulnerability…
Read More » -
Hackers Exploiting California Wildfire Sparks to Launching Phishing Attacks
As California grapples with devastating wildfires, communities are rallying to protect lives and property. Unfortunately, these disasters have also created…
Read More » -
RedCurl APT Deploys Malware via Windows Scheduled Tasks Exploitation
Researchers identified RedCurl APT group activity in Canada in late 2024, where the attackers used scheduled tasks to execute pcalua.exe…
Read More » -
Hackers Attacking Internet Connected Fortinet Firewalls Using Zero-Day Vulnerability
A widespread campaign targeting Fortinet FortiGate firewall devices with exposed management interfaces on the public internet. The attacks, observed by…
Read More » -
CISA Launched A Free Guide to Enhance OT Products Security
To address rising cyber threats targeting critical infrastructure, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) has released a new…
Read More » -
IBM Watsonx.ai Vulnerability Let Attackers Trigger XSS Attacks
A recently disclosed vulnerability, identified as CVE-2024-49785, has been found in IBM watsonx.ai, including its integration with IBM Cloud Pak for…
Read More » -
Beware! Fake Crowdstrike Recruitment Emails Spread Cryptominer Malware
CrowdStrike, a leader in cybersecurity, uncovered a sophisticated phishing campaign that leverages its recruitment branding to propagate malware disguised as…
Read More » -
New NonEuclid RAT Evades Antivirus and Encrypts Critical Files
A NonEuclid sophisticated C# Remote Access Trojan (RAT) designed for the.NET Framework 4.8 has been shown to pose a significant…
Read More » -
Weaponized LDAP Exploit Deploys Information-Stealing Malware
Cybercriminals are exploiting the recent critical LDAP vulnerabilities (CVE-2024-49112 and CVE-2024-49113) by distributing fake proof-of-concept exploits for CVE-2024-49113 (dubbed “LDAPNightmare”). …
Read More » -
United Nations Aviation Agency Hacked Recruitment Data Exposed
The International Civil Aviation Organization (ICAO), a United Nations agency responsible for coordinating global aviation standards, has reported a significant…
Read More »