News Archives • Page 334 of 633 • Daily CyberSecurity

New Phishing Trend: Generic Pages Impersonate Any Brand Generic Phishing Pages

New Phishing Trend: Generic Pages Impersonate Any Brand

Ddos January 27, 2025

The CloudSEK Threat Research Team has revealed a new trend in phishing campaigns—generic phishing pages capable of...

CVE-2025-24085: Apple Patches Actively Exploited Zero-Day Vulnerability Apple Background Security CVE-2026-20643 Apple Background Security Improvement Apple Backdoor Apple Lawsuit, Data Exfiltration CVE-2024-44131 - CVE-2025-24118 PoC

Apple Background Security CVE-2026-20643 Apple Background Security Improvement Apple Backdoor Apple Lawsuit, Data Exfiltration CVE-2024-44131 - CVE-2025-24118 PoC

CVE-2025-24085: Apple Patches Actively Exploited Zero-Day Vulnerability

Ddos January 27, 2025

Apple has rushed out emergency security updates for iOS, iPadOS, macOS, tvOS, watchOS, and visionOS to address...

Apache Solr Vulnerabilities CVE-2024-52012 and CVE-2025-24814 Expose Systems to File Write and Code Execution Risks Apache Solr default credentials CVE-2026-44825 workaround CVE-2025-24814 & CVE-2025-24814

Apache Solr Vulnerabilities CVE-2024-52012 and CVE-2025-24814 Expose Systems to File Write and Code Execution Risks

Ddos January 27, 2025

The Apache Solr project, known for its highly reliable and scalable search platform, has released a security...

PoC for 7-Zip CVE-2025-0411 Lets Attackers Bypass MotW and Run Malicious Code CVE-2025-0411 PoC exploit - Homoglyph Attacks

PoC for 7-Zip CVE-2025-0411 Lets Attackers Bypass MotW and Run Malicious Code

Ddos January 26, 2025

Security researcher Dhmos Funk has released a proof-of-concept (PoC) exploit for CVE-2025-0411 (CVSS 7.0), a high-severity vulnerability...

Lumma Stealer MaaS: Clipboard Hijacking and LOLBins Used in Latest Campaign Lumma Stealer model

Lumma Stealer MaaS: Clipboard Hijacking and LOLBins Used in Latest Campaign

Ddos January 26, 2025

A new malware campaign leveraging the Lumma Stealer malware-as-a-service (MaaS) model has been uncovered by Netskope Threat...

Lazarus Group Deploys Electron-Based Malware to Target Cryptocurrency Enthusiasts Lazarus Group Electron Malware

Lazarus Group Deploys Electron-Based Malware to Target Cryptocurrency Enthusiasts

Ddos January 26, 2025

The APT-C-26 group, commonly known as Lazarus, has intensified its campaigns, focusing on cryptocurrency professionals worldwide. A...

Podman and Buildah Vulnerable to Container Breakout – CVE-2024-11218

Ddos January 26, 2025

A high-severity vulnerability has been discovered in Podman and Buildah, popular containerization tools. The flaw, tracked as...

CVE-2024-52975 (CVSS 9.0): Fleet Server Update Patches Critical Information Exposure Vulnerability

Ddos January 26, 2025

Elastic has released a critical security update for Fleet Server, a key component of its Elastic Agent...

Zyxel Vulnerability Exploited by Helldown Ransomware Group

Ddos January 26, 2025

The YIR Team (Yarix Incident Response Team), led by incident responder Claudio Vozza, has detailed a recent...

Intel Trust Domain Extensions Vulnerability

Researchers Expose Critical Isolation Vulnerability in Intel Trust Domain Extensions (TDX)

Ddos January 26, 2025

A recent study conducted by a collaborative team of researchers from IIT Kharagpur and Intel Corporation has...

Sophisticated J-Magic Backdoor Evades Detection on Juniper Routers J-Magic backdoor campaign

Sophisticated J-Magic Backdoor Evades Detection on Juniper Routers

Ddos January 26, 2025

The Black Lotus Labs team at Lumen Technologies has revealed a sophisticated backdoor campaign, dubbed “J-Magic,” targeting...

Palo Alto Networks Firewalls Exposed: BootHole and Other Critical Flaws Uncovered BootHole Vulnerability

Palo Alto Networks Firewalls Exposed: BootHole and Other Critical Flaws Uncovered

Ddos January 26, 2025

Eclypsium researchers have uncovered multiple critical vulnerabilities in several Palo Alto Networks (PAN) next-generation firewalls (NGFWs). This...

Subaru’s STARLINK Vulnerability: How Hackers Could Track and Control Vehicles Subaru STARLINK Vulnerability

Subaru’s STARLINK Vulnerability: How Hackers Could Track and Control Vehicles

Ddos January 26, 2025

Security researchers Sam Curry and Shubham Shah revealed a critical vulnerability in Subaru’s STARLINK connected vehicle service,...

CVE-2024-50050: Critical Security Flaw in Meta’s Llama-Stack Framework PoC-exploit

CVE-2024-50050: Critical Security Flaw in Meta’s Llama-Stack Framework

Ddos January 25, 2025

The Oligo Research team has identified a critical vulnerability, CVE-2024-50050, within Meta’s Llama-Stack, a popular open-source framework...

HellCat and Morpheus: Ransomware Affiliates Using Identical Payloads to Escalate Attacks HellCat & Morpheus ransomware

HellCat and Morpheus: Ransomware Affiliates Using Identical Payloads to Escalate Attacks

Ddos January 25, 2025

Over the past six months, ransomware activity has surged, with new operations like HellCat and Morpheus making...

Critical Flaw CVE-2024-53299 in Apache Wicket: Memory Leak Flaw Exposes Web Apps to DoS Attacks

Ddos January 25, 2025

Apache Wicket, the popular Java-based web application framework, has been found vulnerable to a critical security flaw...

QBot Resurfaces: New BackConnect Malware Signals a Dangerous Evolution

Ddos January 25, 2025

QBot, also known as Qakbot or Pinkslipbot, has made a significant comeback, with researchers uncovering a new...

North Korean IT Workers Indicted in Elaborate “Laptop Farm” Scheme to Evade Sanctions North Korean Laptop Farm DPRK Insider Threat North Korea WMD Cyber Funding, Australia Sanctions Insider threat, North Korean hackers Kimsuky, cyber-espionage NPM Malware, North Korea Cyber-espionage North Korea, Remote IT Job Scam Laptop Farm - DriverEasy - Kimsuky Watering Hole Attack