risk
-
Critical Vulnerability in Microsens Devices Exposes Systems to Hackers
A series of critical vulnerabilities have been discovered in MICROSENS NMP Web+, a widely used network management platform for industrial…
Read More » -
Hackers Leverage Critical Langflow Flaw to Deploy Flodrix Botnet and Seize System Control
A sophisticated cyberattack campaign has emerged, exploiting a critical vulnerability in Langflow, a widely-used Python-based framework for building AI applications,…
Read More » -
Threat Actors Transform GIFTEDCROOK Stealer into an Intelligence-Gathering Tool
The Arctic Wolf Labs team has uncovered a dramatic transformation in the capabilities of the GIFTEDCROOK infostealer, wielded by the…
Read More » -
Threat Actors Exploit Windows and Linux Server Vulnerabilities to Deploy Web Shells
Threat actors have been observed exploiting file upload vulnerabilities to deploy web shells and advanced malware on both Windows and…
Read More » -
Threat Actors Use Clickfix Tactics to Deploy Malicious AppleScripts for Stealing Login Credentials
A sophisticated malware campaign dubbed Odyssey Stealer has been uncovered, targeting macOS users through a deceptive method known as Clickfix…
Read More » -
Threat Actors Use Clickfix Tactics to Deploy Malicious AppleScripts for Stealing Login Credentials
In a recent discovery by the CYFIRMA research team, a sophisticated malware campaign dubbed Odyssey Stealer has been uncovered, targeting…
Read More » -
CISA Issues Alert on ControlID iDSecure Flaws Enabling Bypass Authentication
The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent alert regarding critical vulnerabilities in ControlID’s iDSecure On-premises software,…
Read More » -
New Malware Discovered Using Prompt Injection to Manipulate AI Models in the Wild
Researchers have uncovered a new malware sample in the wild that employs a unique and unconventional evasion tactic: prompt injection…
Read More » -
TeamViewer for Windows Vulnerability Lets Hackers Delete Files with SYSTEM Rights
A critical security vulnerability has been discovered in TeamViewer Remote Management for Windows, exposing systems to potential privilege escalation attacks.…
Read More » -
America, Netflix, and Microsoft Hacked to Inject Fake Phone Numbers
Jérôme Segura, cybercriminals are exploiting search parameter vulnerabilities to inject fake phone numbers into the legitimate websites of major brands…
Read More » -
WinRAR Vulnerability Exploited with Malicious Archives to Execute Code
A newly disclosed vulnerability in RARLAB’s WinRAR, the widely used file compression utility for Windows, has put millions of users…
Read More » -
Mattermost Vulnerabilities Let Attackers Execute Remote Code Via Path Traversal
Mattermost, a widely-used open-source collaboration platform, has recently disclosed critical vulnerabilities in its software that could allow attackers to execute…
Read More » -
Israeli Social Media Users Targeted in Covert Iranian Influence Campaign
A covert Iranian social media operation has been uncovered, targeting Israeli users on platform X with a psychological campaign designed…
Read More » -
Hackers Target 700+ ComfyUI AI Image Generation Servers to Spread Malware
China’s National Cybersecurity Notification Center has issued an urgent warning about critical vulnerabilities in ComfyUI, a widely used image-generation framework…
Read More » -
Over 100,000 WordPress Sites Exposed to Privilege Escalation via MCP AI Engine
The Wordfence Threat Intelligence team identified a severe security flaw in the AI Engine plugin, a widely used tool installed…
Read More » -
Open Next SSRF Flaw in Cloudflare Lets Hackers Fetch Data from Any Host
A critical Server-Side Request Forgery (SSRF) vulnerability has been discovered in the @opennextjs/cloudflare package, posing a significant security threat to…
Read More » -
SuperCard Malware Hijacks Android Devices to Steal Payment Card Data and Relay it to Attackers
F6, a leading developer of technologies to combat cybercrime, has reported the emergence of SuperCard, a malicious modification of the…
Read More » -
Veeam Vulnerabilities Expose Backup Servers to Remote Attacks
Veeam, a leading provider of data protection and backup solutions, disclosed three critical vulnerabilities affecting its widely deployed backup software.…
Read More »