News Archives • Page 341 of 632 • Daily CyberSecurity

Kernel Modules and Malicious Commands: Anatomy of the sysinitd Rootkit

Ddos January 13, 2025

The FortiGuard Incident Response (FGIR) team has conducted a comprehensive analysis of a sophisticated Linux rootkit, shedding...

Microsoft Unveils CVE-2024-44243: A macOS System Integrity Protection Bypass Through Kernel Extensions

Ddos January 13, 2025

Microsoft Defender Research Team has revealed a macOS vulnerability—CVE-2024-44243—that allows attackers to bypass Apple’s robust System Integrity...

APT28’s New Espionage Campaign Uses Double-Tap Infection Chain BingX cyberattack FortiGate SSO Attacks Firewall Config Theft

APT28’s New Espionage Campaign Uses Double-Tap Infection Chain

Ddos January 13, 2025

In a recent revelation, security researchers Amaury G., Maxime A., Erwan Chevalier, Felix Aimé, and Sekoia TDR...

CVE-2024-56511: Critical Authentication Bypass Vulnerability in DataEase

Ddos January 13, 2025

The DataEase project has issued an urgent advisory regarding a critical vulnerability (CVE-2024-56511) affecting its popular open-source...

CVE-2024-41787 (CVSS 9.8): Critical IBM DOORS Next Flaw Enables Remote Code Execution IBM CCA Vulnerability CVE-2025-13375 IBM Anthropic Partnership, AI Software Development watsonx Orchestrate, SQL injection CVE-2024-49803 - CVE-2024-41787 IBM Completes Acquisition HashiCorp

IBM CCA Vulnerability CVE-2025-13375 IBM Anthropic Partnership, AI Software Development watsonx Orchestrate, SQL injection CVE-2024-49803 - CVE-2024-41787 IBM Completes Acquisition HashiCorp

CVE-2024-41787 (CVSS 9.8): Critical IBM DOORS Next Flaw Enables Remote Code Execution

Ddos January 13, 2025

IBM has issued an urgent security bulletin regarding two critical vulnerabilities affecting its Engineering Requirements Management DOORS...

Unauthenticated Attackers Can Exploit Junos Vulnerabilities (CVE-2025-21598 & CVE-2025-21599) Junos OS Evolved CVE-2026-21902 Juniper Security Director, Critical Vulnerability Junos OS vulnerabilities - CVE-2025-21598 & CVE-2025-21599

Junos OS Evolved CVE-2026-21902 Juniper Security Director, Critical Vulnerability Junos OS vulnerabilities - CVE-2025-21598 & CVE-2025-21599

Unauthenticated Attackers Can Exploit Junos Vulnerabilities (CVE-2025-21598 & CVE-2025-21599)

Ddos January 13, 2025

Juniper Networks has released advisories detailing two significant vulnerabilities affecting their Junos OS and Junos OS Evolved...

LummaC2 Infostealer Malware Spreads via Crack Programs and Phishing

Ddos January 13, 2025

Cybersecurity researchers at AhnLab Security Intelligence Center (ASEC) have unveiled a sophisticated distribution tactic for the LummaC2...

New macOS Exploit Revealed: PoC for CVE-2024-54498 Breaks Sandbox Security CVE-2024-54498 PoC

New macOS Exploit Revealed: PoC for CVE-2024-54498 Breaks Sandbox Security

Ddos January 12, 2025

Recently, security researcher @wh1te4ever has revealed a proof of concept (PoC) exploit for CVE-2024-54498, a vulnerability that...

0-Click Vulnerability in Samsung S24 Devices: PoC Releases for CVE-2024-49415

Ddos January 12, 2025

A newly published report from Natalie Silvanovich, a security researcher at Google’s Project Zero team, has revealed...

Aviatrix Controller RCE CVE-2024-50603 Exploited in the Wild: Cryptojacking and Backdoors Deployed CRussian Market, "Fly" (Flyded) hange Healthcare Cyberattack - CVE-2024-50603 Exploit

CRussian Market, "Fly" (Flyded) hange Healthcare Cyberattack - CVE-2024-50603 Exploit

Aviatrix Controller RCE CVE-2024-50603 Exploited in the Wild: Cryptojacking and Backdoors Deployed

Ddos January 12, 2025

A critical Remote Code Execution (RCE) vulnerability, CVE-2024-50603, has been identified in Aviatrix Controller, with the maximum...

Phishing Campaigns Exploit YouTube URLs and Microsoft 365 Themes to Steal Credentials Layoff Phishing Scam Remcos RAT Malware Aruba Phishing, Phishing-as-a-Service PyPI, phishing CVE-2024-25608 PyPI Phishing, Credential Theft

Layoff Phishing Scam Remcos RAT Malware Aruba Phishing, Phishing-as-a-Service PyPI, phishing CVE-2024-25608 PyPI Phishing, Credential Theft

Phishing Campaigns Exploit YouTube URLs and Microsoft 365 Themes to Steal Credentials

Ddos January 12, 2025

Cybersecurity researchers at Cyderes, led by Ethan Fite, have uncovered a phishing trend exploiting YouTube URLs combined...

HexaLocker V2: Ransomware Reborn with Advanced Tactics ransom

HexaLocker V2: Ransomware Reborn with Advanced Tactics

Ddos January 12, 2025

On August 9, 2024, the HexaLocker ransomware group unveiled a new variant of their infamous malware on...

CVE-2025-22152 (CVSS 9.4): Severe Vulnerabilities Found in Atheos Web-Based IDE

Ddos January 12, 2025

A security advisory from the Atheos project has disclosed a critical vulnerability (CVE-2025-22152) that could compromise servers...

ZACROS Corporation Discloses Personal Information Leak Following Ransomware Attack INC Ransom Pacific Cyber Threats OysterLoader Malware Rhysida Ransomware Black Basta Ransomware BYOVD Technique Velociraptor Abuse, Storm-2603 Ransomware Crypto24, Ransomware Ransomware Payments, UK Legislation ZACROS data breach

INC Ransom Pacific Cyber Threats OysterLoader Malware Rhysida Ransomware Black Basta Ransomware BYOVD Technique Velociraptor Abuse, Storm-2603 Ransomware Crypto24, Ransomware Ransomware Payments, UK Legislation ZACROS data breach

ZACROS Corporation Discloses Personal Information Leak Following Ransomware Attack

Ddos January 12, 2025

ZACROS Corporation, a leading manufacturer of packaging materials, announced that it has suffered a ransomware attack that...

RedDelta Leverages PlugX Backdoor in State-Sponsored Espionage Campaigns Kali365 phishing platform EmEditor Supply Chain Attack, WALSHAM INVESTMENTS LIMITED EggStreme, fileless malware North Korea Cybercrime, Remote IT Job Fraud RedDelta APT

Kali365 phishing platform EmEditor Supply Chain Attack, WALSHAM INVESTMENTS LIMITED EggStreme, fileless malware North Korea Cybercrime, Remote IT Job Fraud RedDelta APT

RedDelta Leverages PlugX Backdoor in State-Sponsored Espionage Campaigns

Ddos January 12, 2025

A recent report by Insikt Group reveals an ongoing, sophisticated cyber-espionage operation by the RedDelta advanced persistent...

RedCurl APT Group: Cyber Espionage with Living-Off-the-Land Techniques WhatsApp Worm, Brazilian Banking Trojan LAPSUS$ Alliance, Scattered Spider Ransomware, Cybercrime RedCurl APT group Russian Cyberespionage, ApolloShadow Malware

WhatsApp Worm, Brazilian Banking Trojan LAPSUS$ Alliance, Scattered Spider Ransomware, Cybercrime RedCurl APT group Russian Cyberespionage, ApolloShadow Malware

RedCurl APT Group: Cyber Espionage with Living-Off-the-Land Techniques

Ddos January 12, 2025

The RedCurl Advanced Persistent Threat (APT) group, also known as Earth Kapre or Red Wolf, has resurfaced...

CVE-2025-22777 (CVSS 9.8): Critical Security Alert for GiveWP Plugin with 100,000 Active Installations

Ddos January 11, 2025

A severe vulnerability has been identified in the GiveWP plugin, one of WordPress’s most widely used tools...

FunkSec: The Rising Ransomware Group Blurring the Lines Between Cybercrime and Hacktivism Exploited VMware

FunkSec: The Rising Ransomware Group Blurring the Lines Between Cybercrime and Hacktivism

Ddos January 11, 2025

A new player in the ransomware scene, FunkSec, has emerged with a mix of audacious claims, low-tech...

GroupGreeting E-Card Platform Compromised in “zqxq” Campaign GroupGreeting e-card - “zqxq” campaign

GroupGreeting E-Card Platform Compromised in “zqxq” Campaign

Ddos January 11, 2025

The popular e-card platform GroupGreeting.com, used by major companies such as Airbnb, Coca-Cola, and eBay, recently fell...

CVE-2024-12847 (CVSS 9.8): NETGEAR Router Flaw Exploited in the Wild for Years, PoC Published CVE-2024-12847 - CVE-2022-41545

CVE-2024-12847 (CVSS 9.8): NETGEAR Router Flaw Exploited in the Wild for Years, PoC Published

Ddos January 10, 2025

A severe security vulnerability has been discovered in several Netgear routers, allowing remote attackers to gain unauthorized...

Critical Alert 1 Active Exploit Detected Today