News Archives • Page 350 of 632 • Daily CyberSecurity

LNK Files and SSH Commands: The New Arsenal of Advanced Cyber Attacks PromptMink Campaign AI Agent Deception LIMINAL PANDA UNC1549 DLL Hijacking, VDI Breakout

PromptMink Campaign AI Agent Deception LIMINAL PANDA UNC1549 DLL Hijacking, VDI Breakout

LNK Files and SSH Commands: The New Arsenal of Advanced Cyber Attacks

Ddos December 22, 2024

A recent report by Cyble Research and Intelligence Labs (CRIL) unveils a troubling trend: threat actors are...

New Skuld Infostealer Campaign Unveiled in npm Ecosystem PyPI Packages Leak

New Skuld Infostealer Campaign Unveiled in npm Ecosystem

Ddos December 22, 2024

The npm ecosystem has been infiltrated once more by the persistent Skuld infostealer, a notorious malware strain...

Cybercriminals Go Mobile: Executives Targeted in Advanced Phishing Campaigns BiDi Swap, phishing attacks Cybersecurity Threats

Cybercriminals Go Mobile: Executives Targeted in Advanced Phishing Campaigns

Ddos December 22, 2024

Cybercriminals are targeting corporate executives with highly advanced mobile spear phishing attacks, leveraging sophisticated evasion techniques and...

NotLockBit: New Cross-Platform Ransomware Threatens Windows and macOS NotLockBit Ransomware

NotLockBit: New Cross-Platform Ransomware Threatens Windows and macOS

Ddos December 22, 2024

Pranita Pradeep Kulkarni, Senior Engineer in Threat Research at Qualys, has detailed a new ransomware strain dubbed...

From .NET to C++: BellaCiao Malware Evolves with BellaCPP

Ddos December 21, 2024

Kaspersky has uncovered a fresh variant of the BellaCiao malware family—BellaCPP—marking a shift from .NET to C++...

CVE-2024-51466 (CVSS 9.0): Critical Vulnerability Found in IBM Cognos Analytics CVE-2024-51466 and CVE-2024-40695

CVE-2024-51466 (CVSS 9.0): Critical Vulnerability Found in IBM Cognos Analytics

Ddos December 21, 2024

IBM has disclosed two severe vulnerabilities in its Cognos Analytics platform that could compromise sensitive data and...

LummApp Malware Campaign: Researcher Exposes Advanced Data Stealing Operation APT31 & APT27 in EastWind campaign

LummApp Malware Campaign: Researcher Exposes Advanced Data Stealing Operation

Ddos December 21, 2024

In a recent revelation, Team Axon, the elite threat hunting division at Hunters, exposed a sophisticated malware...

Critical Flaws in Rockwell Automation PowerMonitor 1000 Devices: CVSS Scores Hit 9.8/10 Rockwell Automation ThinManager ThinServer CVE-2024-7988 CVE-2025-1449

Rockwell Automation ThinManager ThinServer CVE-2024-7988 CVE-2025-1449

Critical Flaws in Rockwell Automation PowerMonitor 1000 Devices: CVSS Scores Hit 9.8/10

Ddos December 20, 2024

Rockwell Automation has issued a critical security advisory highlighting three severe vulnerabilities affecting its PowerMonitor 1000 devices....

Diicot Threat Group Targets Linux with Advanced Malware Campaign Operation IconCat, UNG0801 AFP cyberattack -NetWalker Ransomware VShell RAT

Operation IconCat, UNG0801 AFP cyberattack -NetWalker Ransomware VShell RAT

Diicot Threat Group Targets Linux with Advanced Malware Campaign

Ddos December 20, 2024

Wiz Threat Research revealed a new malware campaign orchestrated by the Romanian-speaking threat group Diicot, also known...

Tax-Themed Campaign Exploits Windows MSC Files to Deliver Stealthy Backdoor Operation Kraken - cryptojacking

Tax-Themed Campaign Exploits Windows MSC Files to Deliver Stealthy Backdoor

Ddos December 20, 2024

The Securonix Threat Research team has uncovered a sophisticated phishing campaign named FLUX#CONSOLE, leveraging tax-related lures and...

Romanian National Sentenced to 20 Years for NetWalker Ransomware Attacks Operation IconCat, UNG0801 AFP cyberattack -NetWalker Ransomware VShell RAT

Romanian National Sentenced to 20 Years for NetWalker Ransomware Attacks

Ddos December 19, 2024

A Romanian man has been sentenced to 20 years in prison for his role in the devastating...

CVE-2024-12727 and More: Sophos Issues Urgent Firewall Security Update CVE-2024-12727 CVE-2024-12728 CVE-2024-12729

CVE-2024-12727 and More: Sophos Issues Urgent Firewall Security Update

Ddos December 19, 2024

Sophos has announced the resolution of three critical security vulnerabilities affecting its Sophos Firewall product, a widely...

PoC Exploit Released for Databricks Remote Code Execution Vulnerability CVE-2024-49194 CVE-2024-49194 PoC

PoC Exploit Released for Databricks Remote Code Execution Vulnerability CVE-2024-49194

Ddos December 19, 2024

A newly discovered vulnerability in the Databricks JDBC Driver (CVE-2024-49194) could allow attackers to remotely execute code...

Phishing Campaign Targets European Companies with Fake HubSpot and DocuSign Forms HubSpot phishing campaign

Phishing Campaign Targets European Companies with Fake HubSpot and DocuSign Forms

Ddos December 19, 2024

A recent report by Unit 42 researchers has uncovered an extensive phishing campaign targeting European companies, with...

CVE-2024-49576 and CVE-2024-47810: Foxit Addresses Remote Code Execution Flaws

Ddos December 19, 2024

Foxit has released a crucial security update for its widely used Foxit PDF Reader and Foxit PDF...

TA397 Leverages Sophisticated Spearphishing Techniques to Deploy Malware in Defense Sector

Ddos December 19, 2024

Proofpoint researchers have identified a new spearphishing campaign by TA397, a South Asia-based advanced persistent threat (APT)...

Malicious App Found on Amazon Appstore Masquerades as Health Tool Fiverr Data Leak Claude Code Leak Anthropic DMCA Takedown Coupang 33.7M Breach South Korea Data Leak Red Hat Breach, Customer Data Theft Farmers Insurance, Salesforce ESLint Plugin -Mamont Android banking Trojan

Fiverr Data Leak Claude Code Leak Anthropic DMCA Takedown Coupang 33.7M Breach South Korea Data Leak Red Hat Breach, Customer Data Theft Farmers Insurance, Salesforce ESLint Plugin -Mamont Android banking Trojan

Malicious App Found on Amazon Appstore Masquerades as Health Tool

Ddos December 19, 2024

McAfee Labs uncovered a malicious app on the Amazon Appstore that disguised itself as a simple health...

Beware of Malicious Extensions: Researcher Exposes VSCode Marketplace Threats MuddyWater APT ANY.RUN security incident

Beware of Malicious Extensions: Researcher Exposes VSCode Marketplace Threats

Ddos December 19, 2024

Researchers from ReversingLabs have highlighted a malicious campaign that bridges two critical ecosystems: Visual Studio Code (VSCode)...

CVE-2024-49775 (CVSS 9.8): Critical Vulnerability in Siemens UMC Exposes Systems to Remote Exploitation ROS# Path Traversal CVE-2026-41551 Siemens SIMATIC Auth Bypass, CVE-2025-40771 CVE-2024-22039 & CVE-2024-49775 CVE-2024-56336

ROS# Path Traversal CVE-2026-41551 Siemens SIMATIC Auth Bypass, CVE-2025-40771 CVE-2024-22039 & CVE-2024-49775 CVE-2024-56336

CVE-2024-49775 (CVSS 9.8): Critical Vulnerability in Siemens UMC Exposes Systems to Remote Exploitation

Ddos December 19, 2024

Siemens has disclosed a critical heap-based buffer overflow vulnerability (CVE-2024-49775) in its User Management Component (UMC), a...

cShell DDoS Bot Exploits Poorly Managed Linux SSH Servers exfiltrating AWS credentials - fabrice package

cShell DDoS Bot Exploits Poorly Managed Linux SSH Servers

Ddos December 19, 2024

AhnLab Security Intelligence Center (ASEC) has uncovered a new strain of DDoS malware called cShell, which specifically...

Critical Alert 1 Active Exploit Detected Today