A new malware, Byakugan, emerges via Adobe Acrobat Reader installers, capable of multiple cyber threats including data theft and cryptocurrency mining.
New Multi-Functional Malware ‘Byakugan’ Unleashed via Phishing
read more
Data Breaches
Ivanti Releases Critical Security Patches
Ivanti has issued critical patches for Connect Secure and Policy Secure Gateways amid rising cybersecurity threats, reinforcing secure by design principles.
Unmasking Earth Freybug: The Stealthy Rise of UNAPIMON Malware
Discover the cunning Earth Freybug group and its evasive UNAPIMON malware, a rising threat in the world of cyber espionage.
Critical Cybersecurity Flaws Exposed in WordPress Plugins
Exploring recent cybersecurity breaches and vulnerabilities in WordPress plugins, emphasizing the importance of security updates.
Sophisticated Backdoor Found in Linux XZ Utils
Sophisticated Backdoor Found in Linux XZ Utils Cybersecurity experts have recently sounded the alarm on a sophisticated backdoor planted in XZ Utils, a fundamental compression tool in Linux systems. The malicious code, which enables remote code execution, was...
Google to Overhaul Incognito Mode, Delete Browsing Records
Google is set to delete billions of browsing records and revamp its incognito mode in response to a privacy lawsuit.
Rise of TA558 Phishing Campaigns and Venom RAT Deployments
TA558 launches a major phishing campaign with Venom RAT, targeting various sectors and countries, escalating the urgency for robust cybersecurity.
Google Removes 29 Malicious Android Apps Used for RESIPs
Google has clamped down on 29 Android apps operating as residential IP proxies, part of a cunning malware campaign uncovered by HUMAN’s Satori team.
Finland’s Parliament Targeted by Chinese Cyber Espionage Group APT31
The Finnish Police accused APT31, a Chinese cyber espionage group, of infiltrating Finland’s Parliament in 2020, highlighting the urgent need for enhanced cybersecurity measures.
Vultur Banking Trojan Returns with Enhanced Abilities
The Vultur banking trojan makes a daunting comeback, now capable of remote control and encrypted communications, presenting a critical threat to Android users.
PyPI User Registrations Halted Amid Typosquatting Attack
The Python Package Index had to pause new user sign-ups due to an influx of malicious packages using typosquatting methods.
Critical Linux Vulnerabilities: WallEscape and Kernel Flaws Exposed
An alarming vulnerability in util-linux’s ‘wall’ command and a netfilter subsystem flaw threaten Linux security. Learn about WallEscape and kernel risks.
The Resurgence of TheMoon Botnet: A Threat to Cybersecurity
TheMoon botnet has returned, exploiting end-of-life devices and collaborating with the Faceless service, posing a renewed threat to cybersecurity and financial industries.
Rising macOS Threats: Navigating the Malware Pandemonium
Sophisticated malware campaigns are targeting macOS users, exploiting legitimate platforms to steal sensitive information. Learn how to protect yourself.
RedHat Warns of Critical Backdoor in XZ Utils Software
An urgent security alert has been issued by RedHat due to a critical backdoor found in XZ Utils, affecting major Linux distributions.
Vulnerabilities in Hotel RFID Locks Expose Global Security Risks
Researchers discover vulnerabilities in hotel electronic RFID locks, codenamed Unsaflok, affecting millions of doors worldwide.
U.S. Targets Cryptocurrency Exchanges in Sanctions Sweep
The U.S. Treasury tightens its sanctions regime by targeting three cryptocurrency exchanges aiding Russia’s evasion of economic restrictions imposed due to its actions in Ukraine.
GitHub Supply Chain Attack Targets Top.gg and Individual Developers
Attackers compromised GitHub organization accounts in a supply chain attack, impacting Top.gg and developers with stolen credentials and malicious code.
Turla Espionage Group Strikes European NGOs with Advanced Malware
The Russia-linked espionage group Turla has launched sophisticated cyber-attacks on European NGOs, displaying the intricate nature of state-sponsored hacking.
North Korea’s Kimsuky Group Ups Ante with CHM File Malware
The North Korean Kimsuky group deploys CHM files as Trojan horses, advancing cyber espionage and Artificial Intelligence for malicious purposes.
Sign1 Malware Campaign Strikes Over 39,000 WordPress Sites
The Sign1 malware campaign has compromised over 39,000 WordPress websites with complex JavaScript injections, showcasing the need for robust cybersecurity.
WINELOADER Malware and State-Backed Cyber Espionage Intensify
State-sponsored cyber espionage campaigns intensify, leveraging WINELOADER malware against political entities.
Rise of Phishing Attacks: StelaStealer’s EU and US Rampage
A fresh wave of sophisticated phishing attacks exploiting StrelaStealer malware targets over 100 EU and US organizations, highlighting the urgent need for vigilance.
FlowFixation: Critical AWS Vulnerability Unveiled and Mitigated
A crucial vulnerability in AWS Managed Workflows for Apache Airflow, known as FlowFixation, has been swiftly addressed by AWS to prevent potential cyber threats.
Apple’s Market Dominance Challenged by DOJ Lawsuit
The DOJ accuses Apple of monopolistic practices, potentially shaking up the smartphone industry.
Navigating SaaS Sprawl: The Rise of Zero-Trust Cybersecurity
With SaaS sprawl on the rise, businesses adopt zero-trust cybersecurity strategies to manage emerging risks in a cloud-centric world.
Ivanti Warns of Critical Security Flaw in Sentry
Unveiling of Ivanti’s critical Sentry flaw and the broader implications for digital security.
US Bolsters Water System Cybersecurity Amid Global Threats
The Biden administration warns of heightened cybersecurity threats to US water systems from actors in Iran and China, prompting federal action to strengthen defenses.
Ukrainian Cyber Police Dismantle Major Email and Instagram Hacking Ring
Ukraine’s cyber police take down a gang behind over 100 million hacked emails and Instagram accounts, seizing equipment and advocating for stronger personal cybersecurity measures.
AI-Powered Cyber Threats and Defense Innovations
The escalating role of AI in cyberattacks poses new challenges and demands innovative defense strategies in cybersecurity.
Strengthening Healthcare Cybersecurity Strategies
The increasing wave of cyberattacks on healthcare necessitates crafting a robust, tailored cybersecurity strategy for the sector.
Massive Cybercrime Marketplace Shut Down
The U.S. Justice Department has successfully incapacitated a major cybercrime platform, marking a notable victory in the fight against cyber threats.
Fortra Releases Critical Patches for Remote Code Execution Vulnerability
Fortra has swiftly released patches to remedy a critical RCE vulnerability in its FileCatalyst Transfer Tool, emphasizing the importance of immediate action.
Critical Plugin Vulnerabilities in WordPress
Multiple critical vulnerabilities in WordPress plugins by miniOrange have prompted urgent security updates and plugin removals.
GitHub Repositories Misused to Distribute RisePro Info Stealer
Cybersecurity takes center stage with the RisePro info stealer spreading through GitHub repositories.
North American Manufacturing Hit by Ande Loader Malware Surge
Blind Eagle menace spreads Ande Loader malware through the North American manufacturing sector, using sophisticated phishing and RATs.
Rising Malware Campaign Exploits WordPress Plugin Vulnerabilities
A recent malware campaign targeting vulnerabilities in WordPress plugins including Popup Builder and Ultimate Member underscores the importance of timely updates and robust cybersecurity.
Progress Software’s OpenEdge Exposes Critical CVE-2024-1403 Vulnerability
Discover how CVE-2024-1403, a critical flaw in Progress Software’s OpenEdge, poses a severe threat to cybersecurity, underscoring the need for urgent updates.
Navigating Cybersecurity Threats: Malware, Phishing, and More
Recent reports shed light on innovative cyber threats like malware distribution through fake video conferencing websites, sophisticated phishing campaigns, and the use of Remote Access Trojans.
Evasive Panda Targets Tibetans in Sophisticated Cyberespionage Campaign
Researchers uncover an advanced cyberespionage campaign by Evasive Panda targeting Tibetans using sophisticated malware via cultural event platforms.
QEMU Emulator Exploited in Novel Cyberattack
A new cyberattack leveraging the QEMU hardware emulator as a tunneling tool showcases the evolving threats in cybersecurity.
Cisco Patches High-Severity CRLF Injection Flaw
Cisco releases critical security patches for a high-severity CRLF injection vulnerability in Cisco Secure Client software.
Tech Breakthroughs: Solar Eye Panels and Messaging Interoperability
Australian scientists develop implantable solar panels for eyes, and Meta adapts messaging services to EU’s Digital Markets Act, enhancing user connectivity and security.
Critical WordPress Campaign Unleashes Brute-Force Attacks
A new campaign targeting WordPress sites with brute-force attacks has been uncovered, compromising digital security and user data.
Fusing Human and Machine Identities in SaaS Security
The blend of human and machine identities in SaaS operations demands advanced management strategies and agile auditing tools for enhanced cybersecurity.
Beyond Aesthetics: The Critical Role of Website Redesign in Cybersecurity
Exploring how website redesigns impact cybersecurity and the innovative tools like Reflectiz and Brave browser that fortify digital defense.
U.S. Sanctions Against Intellexa Mark a Stand Against Spyware
The U.S. Treasury’s sanctions against Intellexa signal a strong stance against commercial spyware and its inherent threats to privacy and national security.
GhostSec Leverages GhostLocker 2.0 in Global Extortion Spree
The collaboration of hacker groups GhostSec and Stormous leads to a heightened threat with GhostLocker 2.0 ransomware targeting critical sectors worldwide.
New Vulnerabilities in JetBrains TeamCity Pose Severe Risks
Critical vulnerabilities found in JetBrains TeamCity On-Premises software highlight the importance of system updates for cybersecurity.
Lazarus Group Exploits Windows Kernel Flaw: A Security Warning
The Lazarus Group used a Windows kernel flaw, CVE-2024-21338, to execute sophisticated attacks, prompting a critical security patch from Microsoft.