News Archives • Page 349 of 632 • Daily CyberSecurity

North Korean Cyber Actors TraderTraitor Steal $308 Million in Cryptocurrency: DMM Breach Unveiled SonicWall Reconnaissance Akira Ransomware residential proxy malware TraderTraitor BreachForums Honeypot, French Interior Ministry Leak

SonicWall Reconnaissance Akira Ransomware residential proxy malware TraderTraitor BreachForums Honeypot, French Interior Ministry Leak

North Korean Cyber Actors TraderTraitor Steal $308 Million in Cryptocurrency: DMM Breach Unveiled

Ddos December 24, 2024

The Federal Bureau of Investigation (FBI), Department of Defense Cyber Crime Center (DC3), and Japan’s National Police...

WordPress.org Free Services Suspended: What It Means for Users and Developers WordPress 6.9.2 WordPress 6.9.2 WordPress Security Update WordPress Security Update WordPress.org Suspended

WordPress 6.9.2 WordPress 6.9.2 WordPress Security Update WordPress Security Update WordPress.org Suspended

WordPress.org Free Services Suspended: What It Means for Users and Developers

Ddos December 24, 2024

Matt Mullenweg, WordPress co-founder and Automattic CEO, has pulled the plug on several key services for free...

PoC Exploit Released for CVE-2024-30085: Windows Elevation of Privilege Vulnerability CVE-2024-30085 PoC exploit

PoC Exploit Released for CVE-2024-30085: Windows Elevation of Privilege Vulnerability

Ddos December 23, 2024

Security researcher Alex Birnberg with SSD Secure Disclosure published the technical details and a proof-of-concept (PoC) exploit...

CVE-2024-12828 (CVSS 9.9): Webmin Vulnerability Leaves a Million Servers Exposed to RCE CVE-2024-12828 CVE-2025-2774 Webmin vulnerability

CVE-2024-12828 (CVSS 9.9): Webmin Vulnerability Leaves a Million Servers Exposed to RCE

Ddos December 23, 2024

The popular web-based system administration tool, Webmin, has been found to harbor a critical security vulnerability (CVE-2024-12828)...

CVE-2024-56334: Command Injection Flaw Exposes Millions of Node.js Systems to Attack

Ddos December 23, 2024

A severe command injection vulnerability (CVE-2024-56334) has been identified in the widely used Node.js system information package,...

CVE-2024-53552 (CVSS 9.8): CrushFTP Flaw Exposes Users to Account Takeover CVE-2024-53552 CrushFTP vulnerability, SSRF

CVE-2024-53552 (CVSS 9.8): CrushFTP Flaw Exposes Users to Account Takeover

Ddos December 23, 2024

CrushFTP, a popular file transfer server known for its robust features and user-friendly interface, has issued an...

PoC Exploit Emerges for Adobe ColdFusion CVE-2024-53961—Apply Security Updates Now

Ddos December 23, 2024

Adobe has released urgent security updates to address a critical vulnerability in ColdFusion versions 2023 and 2021....

“Holy League” Hacktivist Group Emerges, Targets West CloudComputating - QSC framework

“Holy League” Hacktivist Group Emerges, Targets West

Ddos December 23, 2024

Radware’s latest report unveils the emergence of the Holy League—a hacktivist formed in July 2024. This group...

WikiKit Phishing Kit Targets Major Industries with Evasive Techniques UAC-0027 hacking group

WikiKit Phishing Kit Targets Major Industries with Evasive Techniques

Ddos December 23, 2024

TRAC Labs recently unveiled a new phishing kit, named WikiKit, which is targeting industries across automotive, manufacturing,...

CVE-2021-44207: Vulnerability in Acclaim USAHERDS Actively Exploited, CISA Warns FortiClient EMS exploitation Cisco FIRESTARTER Backdoor Arcane Door Campaign Dell RecoverPoint Zero-Day UNC6201 Espionage Notepad++ Compromise Supply Chain Attack Magento SessionReaper CVE-2025-54236 ShadowRay 2.0, AI-Generated Malware WordPress Auth Bypass, CVE-2025-5947 Exploited EcoStruxure Vulnerabilities, Industrial Control System UNC5820 - CVE-2014-2120 - CVE-2021-44207

FortiClient EMS exploitation Cisco FIRESTARTER Backdoor Arcane Door Campaign Dell RecoverPoint Zero-Day UNC6201 Espionage Notepad++ Compromise Supply Chain Attack Magento SessionReaper CVE-2025-54236 ShadowRay 2.0, AI-Generated Malware WordPress Auth Bypass, CVE-2025-5947 Exploited EcoStruxure Vulnerabilities, Industrial Control System UNC5820 - CVE-2014-2120 - CVE-2021-44207

CVE-2021-44207: Vulnerability in Acclaim USAHERDS Actively Exploited, CISA Warns

Ddos December 23, 2024

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has raised the alarm on a critical security flaw...

Rspack Supply Chain Attack Injects Cryptojacking Malware Into npm Ecosystem

Ddos December 23, 2024

The Rspack ecosystem, known for its high-performance JavaScript bundler written in Rust, has become the latest victim...

Cybercriminals Exploit Cracked Acunetix Scanner for Malicious Attacks CVE-2024-36072 Water Gamayun, MSC EvilTwin

Cybercriminals Exploit Cracked Acunetix Scanner for Malicious Attacks

Ddos December 23, 2024

Cybercriminals are increasingly weaponizing cracked versions of legitimate vulnerability scanning tools, like the Araneida Scanner, for malicious...

Google’s Search Dominance Under Fire in Japan

Google’s Search Dominance Under Fire in Japan

Ddos December 23, 2024

Google finds itself in hot water with regulators yet again, this time in Japan. The nation’s Fair...

Dutch DPA Fines Netflix €4.75 Million for GDPR Violations Amazon Aurora, Netflix Cloud Migration Netflix innovation, vertical video Netflix Dutch DPA

Amazon Aurora, Netflix Cloud Migration Netflix innovation, vertical video Netflix Dutch DPA

Dutch DPA Fines Netflix €4.75 Million for GDPR Violations

Ddos December 22, 2024

Streaming giant Netflix has been hit with a hefty fine by the Dutch Data Protection Authority (Dutch...

CVE-2024-56337: Apache Tomcat Patches Critical RCE Vulnerability Tomcat Security Update CVE-2026-24733 CVE-2023-41081 -CVE-2024-56337

CVE-2024-56337: Apache Tomcat Patches Critical RCE Vulnerability

Ddos December 22, 2024

The Apache Software Foundation recently released a critical security update to address a remote code execution (RCE)...

CVE-2024-56145 (CVSS 9.3): Remote Code Execution Vulnerability in Craft CMS, PoC Published CVE-2024-56145 PoC

CVE-2024-56145 (CVSS 9.3): Remote Code Execution Vulnerability in Craft CMS, PoC Published

Ddos December 22, 2024

Security researchers at Assetnote have disclosed a critical vulnerability (CVE-2024-56145) in Craft CMS, a widely-used PHP-based content...

DigiEver DVR Vulnerability Under Attack by Hail Cock Botnet

Ddos December 22, 2024

Akamai Security Intelligence Research Team (SIRT) has uncovered a vulnerability in DigiEver DS-2105 Pro DVRs is being...

NodeStealer Infostealer: New Python-Based Variant Targets Facebook Ads Manager NodeStealer infostealer malware

NodeStealer Infostealer: New Python-Based Variant Targets Facebook Ads Manager

Ddos December 22, 2024

The NodeStealer malware, first identified as a JavaScript-based threat, has undergone a transformation into a Python-based infostealer,...

Pegasus Spyware: Court Finds NSO Group Liable for 1,400 Infections Pegasus Spyware WhatsApp

Pegasus Spyware: Court Finds NSO Group Liable for 1,400 Infections

Ddos December 22, 2024

A California court has ruled that Israeli firm NSO Group is liable for hacking into WhatsApp and...

FlowerStorm Seizes Opportunity as Rockstar2FA Crumbles Layoff Phishing Scam Remcos RAT Malware Aruba Phishing, Phishing-as-a-Service PyPI, phishing CVE-2024-25608 PyPI Phishing, Credential Theft

Layoff Phishing Scam Remcos RAT Malware Aruba Phishing, Phishing-as-a-Service PyPI, phishing CVE-2024-25608 PyPI Phishing, Credential Theft

FlowerStorm Seizes Opportunity as Rockstar2FA Crumbles

Ddos December 22, 2024

Despite its popularity, the phishing-as-a-service platform Rockstar2FA suffered a partial collapse in November 2024 due to technical...

Critical Alert 1 Active Exploit Detected Today