Bypassing Security: DCRat Deployed via HTML Smuggling
A recent report from the Netskope team reveals that the modular remote access trojan (RAT), DCRat (also known as Dark Crystal RAT), is being deployed using a relatively new and...
In a recent investigation by Check Point Research (CPR), a sophisticated crypto scam was uncovered, leveraging a fake app impersonating the popular Web3 protocol, WalletConnect, to drain users’ cryptocurrency wallets....
A critical security vulnerability has been discovered in the widely-used WordPress plugin, TI WooCommerce Wishlist, potentially exposing over 100,000 websites to malicious attacks. The flaw, tracked as CVE-2024-43917 with a...
A recent report from Cloudforce One has detailed a cyber espionage campaign orchestrated by a threat actor dubbed SloppyLemming, targeting government, defense, telecommunications, and energy sectors across South and East...
Cybersecurity firm RedTeam Pentesting GmbH has disclosed two critical vulnerabilities, CVE-2024-6592 and CVE-2024-6593, in WatchGuard’s Authentication Gateway (also known as Single Sign-On Agent) and Single Sign-On Client software, potentially impacting...
In a startling revelation that underscores the growing cybersecurity risks in the automotive industry, security researchers have uncovered critical vulnerabilities in Kia’s dealer portal that could allow attackers to stealthily...
HashiCorp, a leading provider of infrastructure automation software, has issued a critical security advisory concerning a vulnerability in its popular secrets management tool, Vault. The flaw, designated as CVE-2024-7594 and...
In a recent security bulletin, Progress Software has announced the discovery of six critical vulnerabilities affecting its popular network monitoring application, WhatsUp Gold. Organizations worldwide rely on WhatsUp Gold to...
Users of the popular VLC media player are being urged to update their software immediately following the discovery of a critical vulnerability that could allow malicious actors to crash the...
In a joint advisory, the Five Eyes intelligence alliance has warned of a widespread and ongoing cyberattack campaign attributed to the Chinese state-sponsored group, Flax Typhoon. This campaign leverages a...
Security researchers have uncovered two critical vulnerabilities in the Jupiter X Core WordPress plugin, impacting over 90,000 websites. The flaws could allow unauthenticated attackers to take complete control of a...
Cybersecurity researchers at Palo Alto Networks have uncovered a widespread Phishing-as-a-Service (PhaaS) platform known as Sniper Dz, which has facilitated the creation of over 140,000 phishing websites in the past...
In a recent revelation, security researchers at Bitsight have uncovered severe vulnerabilities within Automated Tank Gauge (ATG) systems—integral components used to monitor fuel levels in storage tanks across critical facilities...
A new and more dangerous variant of the notorious Octo banking malware, dubbed “Octo2,” has been discovered by cybersecurity researchers at ThreatFabric. Octo2, an evolution of the ExobotCompact malware family,...
In a significant development for cybersecurity, multiple critical vulnerabilities have been discovered in CUPS (Common Unix Printing System), a widely used print server on Linux systems and other platforms like...