Welcome to this week’s Cybersecurity Newsletter, which presents the latest updates and key insights from the continuously evolving domain of cybersecurity. In the fast-paced digital environment of today, it is imperative to remain informed, and our objective is to provide…
Category: Cyber Security News
National Change Your Password Day! – CISA Recommends Enabling MFA
February 1 marks National Change Your Password Day, a timely initiative to combat escalating cyber risks by promoting stronger password practices. With hacking incidents surging globally, the Cybersecurity and Infrastructure Security Agency (CISA) emphasizes the critical role of multi-factor authentication (MFA) in safeguarding digital accounts. Despite annual reminders to update…
WantToCry Ransomware Exploits SMB Weaknesses to Remotely Encrypt NAS Drives
The notorious WantToCry ransomware group leverages misconfigured Server Message Block (SMB) services to infiltrate networks and launch widespread attacks. Weaknesses in SMB deployments, such as weak credentials, outdated software, and poor security configurations, are providing attackers with an easy entry…
Israeli Firm Paragon's New Zero-Click Spyware Targeted WhatsApp Users
WhatsApp revealed on Friday that a “zero-click” spyware attack, attributed to the Israeli firm Paragon, has targeted scores of users worldwide, including journalists and members of civil society. The spyware targeted nearly 100 WhatsApp users, including journalists, and did not…
WhatsApp's New Privacy Setting Lets Users Control Who Can See Their Profile Photo
In a move to enhance user privacy, WhatsApp has rolled out a significant update allowing users to control who can view their profile photos. This feature, available on both iOS and Android devices, provides users with more granular control over…
Google Blocked 2.28 Million Malicious Apps From Entering the Play Store
Google announced today it blocked a record 2.28 million policy-violating apps from entering the Play Store in 2023, leveraging advanced machine learning, stricter developer vetting, and cross-industry collaborations to combat evolving cyberthreats. The milestone underscores efforts to uphold its SAFE…
New Threat Hunting Technique to Uncover Malicious Infrastructure Using SSL History
As internet security evolves, SSL/TLS certificates (still widely called SSL certificates), cornerstones of encrypted communication, are stepping into a brand-new role as vital tools in the fight against cyberattacks. Experts are now leveraging SSL intelligence and historical SSL data to expose hidden…
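As an added illustration of the pivoting that certificate history makes possible (example code written for this page, not taken from the article or from any vendor's feed): starting from one fingerprint known to belong to attacker infrastructure, the script walks a constructed set of passive-SSL observations to find every host that served that certificate, every other certificate those hosts served, and so on. It refuses to pivot through certificates shared by many hosts (a CDN edge or hosting wildcard), which would otherwise drag unrelated tenants into the cluster. The observations, the IP addresses (RFC 5737 documentation ranges) and the fingerprints are all constructed.

```python
from collections import defaultdict, deque

# Constructed passive-SSL history (not real data): one row per observation of
# a certificate on a host, as an SSL-history feed would return it. Fingerprints
# are placeholder SHA-1 values; IPs come from the RFC 5737 documentation ranges.
C2_CERT_A = "1111111111111111111111111111111111111111"
C2_CERT_B = "2222222222222222222222222222222222222222"
SHARED_CERT = "3333333333333333333333333333333333333333"  # legit wildcard seen on many hosts
OTHER_CERT = "4444444444444444444444444444444444444444"


def _obs(ip, sha1, subject, issuer, first_seen, last_seen):
    return {"ip": ip, "sha1": sha1, "subject": subject, "issuer": issuer,
            "first_seen": first_seen, "last_seen": last_seen}


SSL_HISTORY = [
    _obs("203.0.113.10", C2_CERT_A, "CN=localhost", "CN=localhost", "2024-11-02", "2024-12-20"),
    _obs("203.0.113.11", C2_CERT_A, "CN=localhost", "CN=localhost", "2024-12-21", "2025-01-15"),
    _obs("203.0.113.11", C2_CERT_B, "CN=localhost", "CN=localhost", "2025-01-16", "2025-01-30"),
    _obs("198.51.100.5", C2_CERT_B, "CN=localhost", "CN=localhost", "2025-01-10", "2025-01-30"),
    _obs("198.51.100.5", SHARED_CERT, "CN=*.cdn.example", "CN=Example CA", "2024-06-01", "2024-09-01"),
    _obs("192.0.2.1", SHARED_CERT, "CN=*.cdn.example", "CN=Example CA", "2024-06-01", "2025-01-30"),
    _obs("192.0.2.2", SHARED_CERT, "CN=*.cdn.example", "CN=Example CA", "2024-06-01", "2025-01-30"),
    _obs("192.0.2.3", SHARED_CERT, "CN=*.cdn.example", "CN=Example CA", "2024-06-01", "2025-01-30"),
    _obs("192.0.2.9", OTHER_CERT, "CN=mail.example", "CN=Example CA", "2024-03-01", "2025-01-30"),
]


def build_indexes(records):
    """Two inverted indexes: fingerprint -> hosts that served it, host -> fingerprints it served."""
    hosts_by_cert, certs_by_host = defaultdict(set), defaultdict(set)
    for r in records:
        hosts_by_cert[r["sha1"]].add(r["ip"])
        certs_by_host[r["ip"]].add(r["sha1"])
    return hosts_by_cert, certs_by_host


def pivot(records, seed_sha1, max_hosts_per_cert=3):
    """Expand one known-bad fingerprint into a cluster of hosts and certificates.

    Breadth-first: hosts that served the seed, then other certificates those hosts
    served, then hosts that served those, and so on. A certificate seen on more
    than max_hosts_per_cert hosts is treated as shared infrastructure (CDN edge,
    hosting wildcard): it is recorded but not pivoted through.
    """
    hosts_by_cert, certs_by_host = build_indexes(records)
    certs, hosts, skipped = {seed_sha1}, set(), set()
    queue = deque([seed_sha1])
    while queue:
        sha1 = queue.popleft()
        for ip in hosts_by_cert[sha1]:
            if ip in hosts:
                continue
            hosts.add(ip)
            for other in certs_by_host[ip]:
                if other in certs or other in skipped:
                    continue
                if len(hosts_by_cert[other]) > max_hosts_per_cert:
                    skipped.add(other)
                    continue
                certs.add(other)
                queue.append(other)
    return {"hosts": sorted(hosts), "certs": sorted(certs),
            "skipped_shared_certs": sorted(skipped)}


def self_signed_fingerprints(records):
    """Certificates whose issuer equals their subject: self-signed, a common trait of
    hastily stood-up C2 listeners and a cheap first filter before pivoting."""
    return {r["sha1"] for r in records if r["subject"] == r["issuer"]}


def host_timeline(records, ip):
    """Certificates a host presented, oldest first, to see rotation and overlap."""
    rows = [(r["first_seen"], r["last_seen"], r["sha1"]) for r in records if r["ip"] == ip]
    return sorted(rows)


if __name__ == "__main__":
    cluster = pivot(SSL_HISTORY, C2_CERT_A)
    print("hosts:", cluster["hosts"])
    print("certs:", cluster["certs"])
    print("not pivoted through:", cluster["skipped_shared_certs"])
    for row in host_timeline(SSL_HISTORY, "203.0.113.11"):
        print(*row)
```

The threshold is the important knob: set it too high and one shared hosting certificate connects every tenant of a provider into a single "cluster"; set it too low and a small operator who reuses one certificate across a handful of servers is missed. Real feeds add dates, so overlapping first_seen/last_seen windows on the same host are a further check before two certificates are treated as the same operator.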
TAG-124 Hacked 1000+ WordPress Sites To Embed Payloads
A sophisticated cyber campaign orchestrated by the threat group TAG-124 has compromised over 1,000 WordPress websites to deploy malicious payloads. The operation leverages a multi-layered Traffic Distribution System (TDS) to infect users with malware, demonstrating advanced evasion tactics and infrastructure…
Hackers Abusing GitHub Infrastructure to Deliver Lumma Stealer
Cybersecurity researchers have uncovered a sophisticated campaign leveraging GitHub’s trusted release infrastructure to distribute the Lumma Stealer malware. This information-stealing malware, part of a growing trend of cybercriminals abusing legitimate platforms, poses significant risks by exfiltrating sensitive data and deploying…
New York Blood Center Hit By Ransomware Attack – IT Systems Affected
The New York Blood Center Enterprises (NYBC), a vital organization responsible for supplying blood and blood products to hospitals across the region, has fallen victim to a ransomware attack. The incident has significantly disrupted its IT systems, forcing the organization…
DeepSeek’s Growing Influence Sparks a Surge in Frauds and Phishing Attacks
The rapid rise of DeepSeek, a Chinese artificial intelligence (AI) company, has not only disrupted the AI industry but also attracted the attention of cybercriminals. As its AI Assistant app became the most downloaded free app on the iOS App…
GitHub Copilot Jailbreak Vulnerabilities Let Attackers Bypass Safeguards and Hijack Model Access
Researchers have uncovered two critical vulnerabilities in GitHub Copilot, Microsoft’s AI-powered coding assistant, that expose systemic weaknesses in enterprise AI tools. The flaws—dubbed “Affirmation Jailbreak” and “Proxy Hijack”—allow attackers to bypass ethical safeguards, manipulate model behavior, and even hijack access…
Coyote Banking Malware Weaponizing Windows LNK Files To Execute Malicious Scripts
A new wave of cyberattacks leveraging the Coyote Banking Trojan has been identified, targeting financial institutions in Brazil. This sophisticated malware employs malicious Windows LNK (shortcut) files as an entry point to execute PowerShell scripts, enabling multi-stage infection chains that…
Cisco's Webex Chat Vulnerability Lets Attackers Access Organizations' Chat Histories
Cisco’s Webex Chat (formerly known as IMI Chat) was found to have a significant security flaw that exposed the sensitive chat histories of hundreds to thousands of organizations. The exploit allowed unauthorized attackers to access millions of live customer support…
Malware Found in Healthcare Patient Monitors Linked to Chinese IP Address
A critical cybersecurity vulnerability has been uncovered in Contec CMS8000 patient monitors, revealing embedded malware that poses significant risks to patient safety and data security. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) reported that the devices include a backdoor…
Authorities Take Down Cracked & Nulled Hacking Forums Used by 10 Million Users
In a law enforcement operation dubbed “Operation Talent,” an international coalition of law enforcement agencies led by Germany’s Bundeskriminalamt (BKA) and Europol has dismantled two of the world’s largest cybercrime forums: Cracked.io and Nulled.to. These platforms, which collectively hosted over…
D-Link Router Vulnerability Lets Attackers Gain Full Router Control Remotely
A critical unauthenticated Remote Code Execution (RCE) vulnerability affects D-Link DSL-3788 routers, allowing attackers to acquire complete control over the router remotely. The flaw has been detected in firmware versions v1.01R1B036_EU_EN and below. This vulnerability was reported by Max…
Microsoft to Boost M365 Bounty Program With New Products & Rewards Up to $27,000
A significant extension of Microsoft’s Microsoft 365 (M365) Bounty Program has been announced. The program now includes new Viva products under its scope for identifying vulnerabilities, with rewards reaching up to $27,000 for critical submissions. This update underscores Microsoft’s commitment…
VMware Aria Operations Vulnerabilities Let Attackers Perform Admin Operations
Broadcom has addressed multiple vulnerabilities in its VMware Aria Operations for Logs and VMware Aria Operations products. These vulnerabilities, identified as CVE-2025-22218, CVE-2025-22219, CVE-2025-22220, CVE-2025-22221, and CVE-2025-22222, pose significant risks, including unauthorized access to sensitive data and privilege escalation. The…
Windows COM Object Vulnerability Triggers RCE to Control Systems Remotely
James Forshaw of Google Project Zero has shed light on a significant security vulnerability in Windows related to accessing trapped COM objects through the IDispatch interface. This research highlights an intriguing bug class that exploits cross-process communication features in object-oriented…
New Jailbreak Techniques Expose DeepSeek LLM Vulnerabilities, Enabling Malicious Exploits
Recent revelations have exposed critical vulnerabilities in DeepSeek’s large language models (LLMs), particularly DeepSeek-R1, through advanced jailbreaking techniques. These exploits, including “Bad Likert Judge,” “Crescendo,” and “Deceptive Delight,” have demonstrated the ease with which malicious actors can bypass safety measures…
Tata Technologies Hacked – Ransomware Attack Compromises IT Systems
In a recent disclosure to the stock exchanges, Tata Technologies Limited announced that it has been the victim of a ransomware attack affecting some of its IT assets. Tata Technologies, headquartered in Pune, India, is a subsidiary of the Tata…
ChatGPT-4o Jailbreak Vulnerability “Time Bandit” Let Attackers Create Malware
A new jailbreak vulnerability in OpenAI’s ChatGPT-4o, dubbed “Time Bandit,” has been exploited to bypass the chatbot’s built-in safety functions. This vulnerability allows attackers to manipulate the chatbot into producing illicit or dangerous content, including instructions for malware creation, phishing…
Tor Project X Account Hacked to Promote Cryptocurrency Scheme
The Tor Project, a renowned organization dedicated to online privacy and anonymity, has fallen victim to a cyberattack. On January 30, 2025, the group’s official X (formerly Twitter) account was compromised and used to promote a fraudulent cryptocurrency scheme. The…
Tria Stealer Trojan Exploits Android Phones To Exfiltrate SMS Messages
A newly discovered Android malware campaign, dubbed Tria Stealer, has been targeting users in Malaysia and Brunei since mid-2024. Leveraging fake wedding invitations as a lure, this Trojan steals sensitive data, including SMS messages, call logs, and app notifications, and…
Phorpiex Botnet Distributes LockBit Ransomware Through Compromised Websites
Cybersecurity experts have uncovered the use of the Phorpiex botnet to distribute LockBit Black ransomware (LockBit 3.0) through millions of phishing emails and compromised websites. This campaign, active since April 2024, marks a significant evolution in ransomware delivery methods, leveraging…
Top 3 Most Popular Malware TTPs of the Past Year
Cyber threats evolve rapidly, but some tactics stand out for their widespread use and effectiveness. In its latest 2024 trends report, ANY.RUN identified the top malware Tactics, Techniques, and Procedures (TTPs) employed by cyber attackers for malicious purposes. Let’s dive…
Arcus Media Ransomware Deletes Backups, Clears Logs, and Disables Remote Access After Locking Files
The Arcus Media ransomware has emerged as a significant cybersecurity threat, employing advanced techniques to maximize disruption and hinder recovery efforts. Operating under a Ransomware-as-a-Service (RaaS) model, the group has targeted industries worldwide, including business services, retail, and media, since…
New Android Malware Exploiting Wedding Invitations to Steal Victims WhatsApp Messages
A sophisticated Android malware campaign, dubbed Tria Stealer, has been targeting users in Malaysia and Brunei since mid-2024. The malware uses fake wedding invitations as a lure to trick victims into installing a malicious Android Package Kit (APK). Once installed,…
Canon Printer Vulnerabilities Let Attackers Execute Arbitrary Code Remotely
Multiple critical security vulnerabilities affect Canon Laser Printers and Small Office Multifunctional Printers. These vulnerabilities, identified as buffer overflow flaws, could allow attackers to execute arbitrary code remotely or render the devices inoperative through Denial-of-Service (DoS) attacks. The affected models…
Windows 11 Start Menu Now Lets Users Access Their Android Phones & iPhones
Microsoft has unveiled a significant update to Windows 11, enhancing the Start menu with seamless integration for both Android and iPhone devices. This feature, previously exclusive to Android users, now extends to iPhone owners, allowing them to access their phone’s…
Hackers Exploit Public-facing Vulnerable IIS, Apache, SQL Servers to Attack Gov & Telecom Networks
A sophisticated cyberespionage campaign, tracked as CL-STA-0048, has been identified targeting government and telecommunications networks in South Asia. The attackers exploited vulnerabilities in public-facing servers running Microsoft IIS, Apache Tomcat, and MSSQL to gain unauthorized access and exfiltrate sensitive data.…
North Korean APT Lazarus Compromises Developers via Malicious NPM Packages
The North Korean state-sponsored hacking group Lazarus has been implicated in a sophisticated supply chain attack targeting developers through malicious Node Package Manager (NPM) packages. Security researchers have identified the package, postcss-optimizer, as a key vector for delivering malware to…
Hackers Use 10,000 WordPress Sites To Deliver Malware To macOS and Windows Systems
A sophisticated cyberattack has compromised over 10,000 WordPress websites, delivering cross-platform malware to unsuspecting users. The campaign exploits outdated WordPress versions and plugins, redirecting visitors to fake browser update pages that deploy malicious software targeting both macOS and Windows systems.…
Hackers Poisoning DNS Responses to Exploit Vulnerabilities in Active Directory Environments
A new implementation of Kerberos relaying over HTTP has been unveiled, leveraging multicast poisoning to exploit vulnerabilities in Active Directory environments. The research, published by Quentin Roland, builds on previous work by cybersecurity expert James Forshaw, demonstrating how attackers can…
Lazarus Hackers Altering Legitimate Software Packages To Launch Large-Scale Cyber Attack
The notorious Lazarus Group, a North Korean state-sponsored Advanced Persistent Threat (APT), has been implicated in a large-scale cyberattack campaign dubbed “Operation Phantom Circuit.” This operation involves embedding malicious backdoors into legitimate software packages, targeting developers and organizations worldwide. The…
New SystemBC RAT Attacks Linux Systems to Hack Corporate Infrastructure
A new variant of the SystemBC Remote Access Trojan (RAT) has emerged, explicitly targeting Linux-based systems. Known for its stealth capabilities, this malware is designed to infiltrate corporate networks, cloud servers, and IoT devices, posing a significant threat to internal…
DeepSeek AI Now Runs on Huawei's Ascend 910C Chip
DeepSeek AI has announced that its latest AI model, DeepSeek R1, now relies on Huawei’s Ascend 910C chip for inference tasks in a bold move that could ripple through the tech industry. This shift comes after the model was initially…
Critical RCE Vulnerability Found In AI Development Platform Lets Attackers Gain Root Access
A critical Remote Code Execution (RCE) vulnerability was discovered in the Lightning AI platform, a widely used tool for AI development. The flaw, which has since been patched, allowed attackers to gain root access by exploiting a hidden URL parameter.…
TeamViewer Windows App Lets Attackers Escalate Privileges to SYSTEM
A critical security vulnerability has been identified in TeamViewer Clients for Windows, allowing attackers with local access to escalate their privileges to the system level. The flaw, tracked as CVE-2025-0065, affects versions of TeamViewer Full Client and Host prior to…
OPNsense 25.1 Released With Improved Security Zones & FreeBSD 14.2 Plus
OPNsense, the widely recognized open-source firewall and routing platform, celebrates its 10th anniversary with the release of version 25.1, codenamed “Ultimate Unicorn.” This milestone release introduces significant upgrades, including enhanced security zone configurations, a redesigned user interface, and the integration…
DeepSeek is Now Available With Microsoft Azure AI Foundry & GitHub
Microsoft has officially announced the integration of DeepSeek R1, an AI model, into its Azure AI Foundry platform and GitHub. This move positions DeepSeek R1 among over 1,800 models, including frontier, open-source, and task-specific AI solutions. The integration aims to…
Hackers Exploit RDP To Gain Windows Access and Control Browsers Remotely
Cybercriminals have been exploiting vulnerabilities in the Remote Desktop Protocol (RDP) to gain unauthorized access to Windows systems and remotely control web browsers. This method not only compromises individual machines but also poses a significant threat to enterprise networks. RDP,…
Google's 'g.co' Domain Abused – A Tricky Phone Call Lets Hackers Access Your Google Account Remotely
Cybercriminals recently exploited Google’s g.co subdomain to carry out a meticulously crafted scam over a vishing call. The incident was chronicled by Zach Latta, founder of Hack Club, who nearly fell victim to the attack. His account sheds light on…
Threat Actors Exploit Government Website Vulnerabilities For Phishing Attacks
Cybercriminals are increasingly exploiting vulnerabilities in government websites to carry out phishing campaigns, leveraging the inherent trust users place in official domains. A recent report by Cofense Intelligence shows how attackers are weaponizing .gov top-level domains (TLDs) across multiple…
DeepSeek Database Leaked – Full Control Over DB, Secret Keys, Logs & Chat History Exposed
A security lapse at DeepSeek, a prominent Chinese AI startup, left a ClickHouse database publicly accessible, exposing highly sensitive information including over a million lines of log streams. The exposure, which included chat logs, API keys, backend details, and operational…
Microsoft 365 Down – Widespread Outage Affects Users and Admins
Microsoft 365 users worldwide encountered significant disruptions today as multiple services, including the Microsoft 365 Admin Center, reported degradation or complete inaccessibility. The issue, first noted around 18:45 GMT, has left many users unable to access key services, with some…
Hackers Allegedly Selling Fortinet Vulnerability Exploit on Dark Web Forums
A significant cybersecurity threat has emerged as hackers on a prominent Russian dark web forum claim to be selling an active exploit targeting Fortinet devices. The exploit reportedly leverages a critical vulnerability, CVE-2024-55591, which affects FortiOS versions 7.0.0 through 7.0.16. …
Apple Chips Vulnerability Exposes Credit Cards & Location History to Hackers
Researchers have uncovered two critical vulnerabilities in Apple’s custom silicon chips, dubbed SLAP (Speculative Load Address Prediction) and FLOP (False Load Output Predictions). These flaws, found in Apple’s A- and M-series processors, expose sensitive user data such as credit card…
State-sponsored Actors Abusing Gemini to Fuel Cyber Attacks
State-sponsored threat actors are increasingly abusing Google's AI-powered assistant, Gemini, to enhance their cyber operations. While generative AI tools like Gemini hold immense potential for innovation and productivity, their misuse by advanced persistent threat (APT) groups and information operations…
Windows 11 24H2 Update Breaks Webcams, Audio, & USB
The most recent update for Windows 11 24H2, identified as KB5050009, has caused various kinds of technical issues for users, affecting critical functionalities like audio, Bluetooth, USB devices, and webcams. Released earlier this month, the update was intended to enhance…
WhatsApp’s Image “View Once” Feature Flaw Allowing Unlimited Views
WhatsApp’s “View Once” option is one of the privacy features in the instant messaging space that is intended to provide users with a sense of security. This feature allows users to send photos or videos that disappear after being viewed…
Google Researchers Break Down the ScatterBrain Malware Obfuscator
Google’s Threat Intelligence Group (GTIG), in collaboration with Mandiant, has unveiled a comprehensive analysis of ScatterBrain, an advanced obfuscation tool used by China-linked cyber espionage group APT41. This obfuscator is central to the deployment of POISONPLUG.SHADOW, a modular backdoor targeting…
Hackers Using SparkRAT In Wild To Attack Windows, macOS, and Linux Systems
Cybersecurity researchers have uncovered a surge in attacks leveraging SparkRAT, a cross-platform Remote Access Trojan (RAT) written in Go. This open-source tool, initially released on GitHub in 2022, has become a favorite among hackers due to its modular design, multi-platform…
Hellcat Ransomware Attacks Organizations in a RaaS Model With Affiliates
A significant threat in the cybersecurity landscape has emerged, dubbed Hellcat, a new ransomware group. This ransomware group leverages a Ransomware-as-a-Service (RaaS) model to target critical sectors such as government, education, and energy. First identified in mid-2024, Hellcat operates by…
FleshStealer, A New Infostealer Attacking Chrome & Mozilla Users
A new strain of information-stealing malware, dubbed FleshStealer, has emerged as a significant threat to internet users worldwide. This advanced infostealer targets Chromium- and Mozilla-based web browsers, exploiting their vulnerabilities to steal sensitive data, including credentials, cryptocurrency wallet information, and…
PoC Exploit Released for Actively Exploited Windows CLFS Buffer Overflow
A proof-of-concept (PoC) exploit for the actively exploited Windows Common Log File System (CLFS) vulnerability, tracked as CVE-2024-49138 has been released. This vulnerability, which Microsoft patched on December 10, 2024, with update KB5048685 for Windows 11 versions 23H2 and 22H2,…
API Vulnerabilities Surge 1,025%, Threatening AI Security (PDF)
Wallarm's 2025 API ThreatStats Report exposes a startling rise in AI-focused attacks, with researchers tracking 439 AI-related CVEs in 2024, a 1,025% jump over the previous year. Almost all of these (99%) involve weak or poorly configured APIs. Injection flaws,…
New Aquabot Malware Attacking Mitel SIP To Inject Commands
A new variant of the Mirai-based malware, dubbed Aquabotv3, has been identified by the Akamai Security Intelligence and Response Team (SIRT). This malware is actively exploiting a command injection vulnerability in Mitel SIP phones to execute malicious commands and propagate…
Lynx Ransomware Infrastructure To Attack Windows, Linux, ESXi & Affiliate Panel Uncovered
Security experts have uncovered the sophisticated infrastructure of the Lynx Ransomware-as-a-Service (RaaS) group in a recent investigation. This ransomware group is known for its cross-platform capabilities and affiliate-driven model. Lynx targets Windows, Linux, and VMware ESXi environments, posing a significant…
DeepSeek R1 Jailbroken to Generate Ransomware Development Scripts
DeepSeek R1, the latest AI model from China, is making waves in the tech world for its reasoning capabilities. Positioned as a challenger to AI giants like OpenAI, it has already climbed to 6th place on the Chatbot Arena benchmarking…
Critical Cacti Vulnerability Lets Attackers Execute Code Remotely – PoC Released
A critical vulnerability has been identified in Cacti, the widely used open-source network monitoring tool. The flaw, tracked as CVE-2025-22604, has a CVSS score of 9.1 (critical severity). It allows authenticated users with device management permissions to execute arbitrary commands on the server,…
API Supply Chain Attack Exposes Millions of Airline Users Accounts to Hackers
A vulnerability in a third-party travel service API has exposed millions of airline users to potential account takeovers, enabling attackers to exploit airline loyalty points and access sensitive personal information. The flaw, discovered by Salt Labs, highlights the risks associated…
PoC Exploit Released for TP-Link Router Web Interface XSS Vulnerability
A Cross-Site Scripting (XSS) vulnerability has been identified in the TP-Link Archer A20 v3 router, specifically in firmware version 1.0.6 Build 20231011 rel.85717(5553). The issue stems from improper handling of directory listing paths on the router’s web interface. When a…
Hackers Actively Exploiting Zyxel 0-day Vulnerability to Execute Arbitrary Commands
A significant zero-day vulnerability in Zyxel CPE series devices, identified as CVE-2024-40891, is being actively exploited by attackers. This vulnerability enables attackers to execute arbitrary commands on affected devices, posing significant risks of system compromise, data theft, and network infiltration.…
Fake DeepSeek Campaign Attacking macOS Users to Deliver Poseidon Malware
A new cyberattack campaign, dubbed the "Fake DeepSeek Campaign," has been discovered targeting macOS users. DeepSeek, a Chinese-developed AI chatbot, has rapidly gained popularity globally. Threat actors have started exploiting its popularity to deliver malware and infect users' computers. This campaign is…
Azure Key Vault Vulnerabilities Could Leak Sensitive Data After Entra ID Breach
A detailed walkthrough demonstrates how attackers can manipulate Azure Key Vault's access policies after compromising Entra ID (formerly Azure AD) credentials. A report by penetration tester Faran Siddiqui, titled "Key Vault 06 – Abuse Decryption Key," sheds light on…
Cloudflare’s Data Pipeline Powered to Handle 700 Million Events Per Second
Cloudflare revealed how its data pipeline has achieved unprecedented scalability, processing up to 706 million events per second as of December 2024 representing a staggering 100x growth since 2018. This massive data flow, which peaks at 107 GiB/s of compressed…
PowerSchool Starts Notifying Students Following Massive Breach
PowerSchool, a leading U.S.-based education technology provider, has begun notifying students, teachers, and other affected individuals following a massive data breach that occurred in December 2024. The breach, which compromised sensitive personal information, is one of the largest cybersecurity incidents…
VMware Avi Load Balancer Vulnerability Let Attackers Gain Database Access
Broadcom disclosed a critical vulnerability affecting its Avi Load Balancer product. The vulnerability, identified as CVE-2025-22217, is an unauthenticated blind SQL injection vulnerability that could allow attackers with network access to execute specially crafted SQL queries to gain unauthorized access…
How SOC/DFIR Teams Prevent Ransomware Threats in Healthcare – A Case Study on Interlock Ransomware
Ransomware attacks targeting the healthcare sector have become increasingly challenging to manage due to financial losses and the risks posed to patient safety and operational continuity. Researchers at ANY.RUN analyze the impact of ransomware threats in healthcare, using the notorious…
EU Sanctioned Three Russian Hackers for Attacking Govt Agencies
The European Union today imposed sanctions on three Russian military intelligence officers for their involvement in a series of cyberattacks targeting Estonian government agencies in 2020. The individuals, identified as Nikolay Alexandrovich Korchagin, Vitaly Shevchenko, and Yuriy Fedorovich Denisov, are…
Hackers Stole $85 Million Worth of Cryptocurrency from Phemex
Phemex, a cryptocurrency exchange based in Singapore, suffered a significant cyberattack that resulted in the theft of $85 million worth of digital assets. The platform’s hot wallets, which are linked to the internet for real-time transactions, were the primary target…
Vulnerabilities in Telecom Networks Let Hackers Gain Access to 3,000 Companies
Cybersecurity researchers have exposed critical vulnerabilities in a telecom network that allowed unauthorized access to sensitive data and control over 3,000 companies. The research revealed obvious vulnerabilities in the network’s backend APIs, authentication systems, and Know Your Customer (KYC) processes,…
New TorNet Backdoor Abuses Windows Scheduled Tasks to Deliver Malware
A financially motivated threat actor has been linked to a sophisticated cyber campaign that has been targeting users in Poland and Germany since July 2024. The effort uses phishing emails to spread a range of malware payloads, including Agent Tesla,…
Hackers Exploit Outdated Electricity Controller Using Flipper Zero to Disconnect Power Supply
Researchers Fabian Bräunlein and Luca Melette demonstrated how outdated Radio Ripple Control systems, used to manage up to 60 gigawatts (GW) of electricity, could be exploited by attackers to disrupt power supply on a massive scale. Their findings, presented at…
NVIDIA GPU Display Driver Vulnerabilities Let Attackers Trigger DoS
NVIDIA has issued a critical software security update for its GPU Display Driver, addressing multiple vulnerabilities that could potentially expose systems to denial-of-service (DoS) attacks, data tampering, and information disclosure. This update impacts users across Windows and Linux platforms and…
Destroying EDR Service Executable File by Using a Combination of Windows Symbolic Links
A new method of exploiting the “Bring Your Own Vulnerable Driver” (BYOVD) technique has emerged, combining it with Windows symbolic links to elevate its effectiveness. This innovative approach exploits drivers with file-writing capabilities, bypassing the need to rely solely on…
Hackers Using Hidden Text Salting Technique To Confuse Spam Filters & Evade Detection
Cybercriminals are increasingly employing a technique known as “hidden text salting” to bypass spam filters and evade detection. This method, which saw a surge in usage during the latter half of 2024, poses a significant threat to organizations relying on…
New Attack Mimics USPS To Deliver Malicious PDFs to Mobile Devices
A sophisticated phishing campaign has been uncovered, leveraging malicious PDFs disguised as official U.S. Postal Service (USPS) communications to target mobile users. This attack, identified by Zimperium’s zLabs team, employs a novel obfuscation technique to bypass traditional endpoint security measures…
Critical One Identity Manager Vulnerability Let Attackers Escalate Privileges
A critical Insecure Direct Object Reference (IDOR) vulnerability has been identified in One Identity Manager, a widely used identity and access management solution. This vulnerability, officially tracked as CVE-2024-56404, allows unauthorized privilege escalation under specific configurations. The issue affects only…
Akira’s New Linux Ransomware Attacking VMware ESXi Servers
The Akira ransomware group, a prominent player in the Ransomware-as-a-Service (RaaS) domain since March 2023, has intensified its operations with a new Linux variant targeting VMware ESXi servers. Initially focused on Windows systems, Akira expanded its scope in April 2023…
Apple Security Update Fixed Actively Exploited Zero-day Vulnerability Affected iOS, macOS and More
Apple has released updates across its platforms, including iOS 18.3, iPadOS 18.3, macOS Ventura, macOS Sonoma, macOS Sequoia, and Safari, to address multiple vulnerabilities. These updates include critical fixes for zero-day vulnerabilities that were actively being exploited, as well as…
Apple Zero-day Vulnerability Actively Exploited to Attack iPhone Users
Apple has released critical security updates to address a zero-day vulnerability actively exploited in attacks targeting iPhone users. The flaw, identified as CVE-2025-24085, is a use-after-free issue in the Core Media framework, which handles multimedia processing across Apple’s ecosystem. This…
Stratoshark – Wireshark Has Got a Friend for Cloud
The creators of Wireshark, Gerald Combs and Loris Degioanni, have unveiled Stratoshark, a groundbreaking tool designed to bring Wireshark’s renowned capabilities into the cloud era. Building on over 25 years of experience with Wireshark, which has become a staple for…
New Docker 1-Click RCE Attack Exploits Misconfigured API Settings
A newly disclosed attack method targeting Docker installations has raised significant security concerns among developers and system administrators. The vulnerability leverages a misconfigured Docker Engine API setting, allowing attackers to achieve remote code execution (RCE) with minimal user interaction. While…
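The attack hinges on how the Engine API is exposed, so the check a practitioner wants is one that flags a daemon listening on TCP without mutually authenticated TLS. The added example below (written for this page, not from the research or from Docker's own tooling) audits the `hosts` list of a daemon.json file and any `-H`/`--host` flags on a dockerd command line. The weak and hardened configurations it evaluates are constructed, as are the certificate paths in them.

```python
import json
import re
from urllib.parse import urlsplit

# Constructed daemon.json contents (not from the page). The weak one exposes the
# Engine API on every interface in plaintext: anyone who can reach port 2375 can
# start containers as root on the host. The hardened one moves to 2376 with
# tlsverify, so clients must present a certificate signed by the listed CA.
WEAK_DAEMON_JSON = json.dumps({
    "hosts": ["unix:///var/run/docker.sock", "tcp://0.0.0.0:2375"],
})
HARDENED_DAEMON_JSON = json.dumps({
    "hosts": ["unix:///var/run/docker.sock", "tcp://0.0.0.0:2376"],
    "tls": True,
    "tlsverify": True,
    "tlscacert": "/etc/docker/ca.pem",           # assumed paths
    "tlscert": "/etc/docker/server-cert.pem",
    "tlskey": "/etc/docker/server-key.pem",
})

LOOPBACK = {"127.0.0.1", "::1", "localhost"}
HOST_FLAG = re.compile(r"(?:^|\s)(?:-H|--host)(?:=|\s+)(\S+)")
TLSVERIFY_FLAG = re.compile(r"(?:^|\s)--tlsverify(?:=true)?(?=\s|$)")


def api_listeners(daemon_json="", cmdline=""):
    """Collect every configured listener and whether client certificates are required.
    dockerd refuses to start when hosts are set in both daemon.json and on the command
    line, so a real audit reads whichever is in use; accepting both keeps this simple."""
    cfg = json.loads(daemon_json) if daemon_json.strip() else {}
    hosts = list(cfg.get("hosts", [])) + HOST_FLAG.findall(cmdline)
    tls_verify = bool(cfg.get("tlsverify")) or bool(TLSVERIFY_FLAG.search(cmdline))
    return hosts, tls_verify


def audit_docker_api(daemon_json="", cmdline=""):
    """Return (severity, message) findings for TCP listeners.

    Only tlsverify counts as protection: a bare "tls": true encrypts the channel
    but still lets any client connect, which is no better than plaintext against
    an attacker who can reach the port.
    """
    findings = []
    hosts, tls_verify = api_listeners(daemon_json, cmdline)
    for h in hosts:
        u = urlsplit(h)
        if u.scheme != "tcp":
            continue  # unix:// and fd:// sockets are gated by file permissions
        if not u.hostname:
            findings.append(("info", f"{h}: no bind address given; confirm the effective listener with ss -ltnp"))
            continue
        port = u.port or (2376 if tls_verify else 2375)  # Docker's conventional ports
        where = f"{u.hostname}:{port}"
        exposed = u.hostname not in LOOPBACK
        if exposed and not tls_verify:
            findings.append(("high", f"{where} serves the Engine API without client authentication"))
        elif exposed:
            findings.append(("medium", f"{where} requires client certificates; still restrict by firewall"))
        elif not tls_verify:
            findings.append(("low", f"{where} is loopback-only, but any local process can drive the daemon"))
    return findings


if __name__ == "__main__":
    for label, cfg in (("weak", WEAK_DAEMON_JSON), ("hardened", HARDENED_DAEMON_JSON)):
        print(label, audit_docker_api(cfg))
    print("cmdline", audit_docker_api(cmdline="dockerd -H tcp://0.0.0.0:2375 -H unix:///var/run/docker.sock"))
```

Because the Engine API is root-equivalent on the host, a "high" here is not a hardening nicety but an open door; even the loopback case matters on shared workstations, since any local user or process that can talk to the port controls the daemon.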
New Phishing Campaign Mimics Amazon Prime Membership To Steal Credit Card Data
A sophisticated phishing campaign targeting Amazon Prime members has been uncovered, aiming to steal credit card information and other sensitive data. Cybersecurity experts have identified a complex attack chain that leverages PDF attachments, redirects, and cleverly crafted phishing sites to…
FortiOS Authentication Bypass Vulnerability Exploited to Gain Super-Admin Access
A critical zero-day vulnerability in Fortinet’s FortiOS and FortiProxy products, tracked as CVE-2024-55591, has been actively exploited in the wild, allowing attackers to gain super-admin privileges. The flaw, which carries a CVSS score of 9.6, has raised significant concerns among…
Microsoft Announces Phishing Attack Protection for Teams Chat Starting February 2025
Microsoft has unveiled a new security feature for its popular collaboration platform, Microsoft Teams, to combat phishing attacks through brand impersonation in external chats. The feature, which will alert users to potential impersonation risks during initial contact from external domains,…
DeepSeek Hit by Large-Scale Cyber Attack, Temporarily Limits Registrations
DeepSeek, the Chinese AI startup that recently dethroned OpenAI’s ChatGPT as the top-rated free app on Apple’s App Store in the United States, announced it is facing a significant cyber attack, prompting the company to temporarily halt new user registrations…
New Phishing Attack Using zero-width Characters to Bypass Security Filters
Cybercriminals are employing sophisticated strategies to bypass email security filters, creating phishing emails that are undetectable by utilizing HTML entities and zero-width characters. This new wave of attacks, dubbed “Shy Z-WASP,” combines zero-width joiners and soft hyphen entities to obfuscate…
Xerox Workplace Suite Vulnerability Let Attackers Bypass API Security
Xerox has released a critical security bulletin addressing multiple vulnerabilities in its Xerox Workplace Suite, a widely used print management server solution. These vulnerabilities, identified as CVE-2024-55925 through CVE-2024-55931, could allow attackers to bypass API security, manipulate headers, and exploit…
New Attack Abusing Multicast Poisoning for PreAuthenticated Kerberos Relay
A novel attack method leverages multicast poisoning to execute pre-authenticated Kerberos relay attacks over HTTP. This technique, detailed by Quentin Roland of Synacktiv, combines legacy weaknesses in local name resolution protocols with advanced authentication relaying tools like Responder and krbrelayx.…
Burp Suite 2025.1 With New Intruder Options & Bug Fixes
PortSwigger has released Burp Suite 2025.1, introducing several new features and improvements aimed at enhancing the tool’s usability and efficiency for penetration testers. This update includes significant advancements in the Burp Intruder module, HTTP response analysis, and interaction management, alongside…
New Malware Campaign Using 7z & UltraVNC Tool To Deploy Malware
A sophisticated malware campaign has been uncovered, leveraging 7-Zip self-extracting archives and the UltraVNC remote access tool to target Russian-speaking entities. The operation, attributed to a threat actor dubbed GamaCopy, mimics tactics previously associated with the Kremlin-aligned Gamaredon group. The…
Threat Actors Weaponized XWorm RAT Builder To Attack Script Kiddies
A sophisticated attack campaign has been uncovered recently by the cybersecurity researchers at CloudSEK targeting aspiring hackers, commonly known as “script kiddies.” The operation involves a trojanized version of the XWorm Remote Access Trojan (RAT) builder, which has been weaponized…
Chrome Security Update – Memory Corruption & Access Vulnerabilities Patched
Google has rolled out a new Stable Channel Update for its Chrome browser, addressing critical security vulnerabilities that posed significant risks to users. The update, version 132.0.6834.110/111 for Windows and Mac and 132.0.6834.110 for Linux, is being gradually deployed and…
New Phishing Framework Attacking Multiple Brands To Steal Customer Logins
A sophisticated new phishing framework dubbed “FlowerStorm” has emerged, targeting multiple brands simultaneously to steal customer login credentials. Cybersecurity researchers at CloudSEK have uncovered this alarming development, which poses a significant threat to organizations and consumers alike. FlowerStorm, active since…
SCAVY – Framework to Detect Memory Corruption in Linux Kernel for Privilege Escalation
Researchers have unveiled SCAVY, a novel framework designed to automate the discovery of memory corruption targets in the Linux kernel. This discovery aims to address critical gaps in the detection and prevention of privilege escalation exploits, which often leverage memory-corruption…