News Archives • Page 372 of 632 • Daily CyberSecurity

BlueNoroff’s New MacOS Threat: “Hidden Risk” Targets Crypto Enthusiasts Mercenary Akula European Financial Targeting AI-Generated Malware React2Shell Exploit UAT-8837 Critical Infrastructure Attack APT36, BOSS Linux BRICKSTORM Malware, China Espionage Curly COMrades, MucorAgent Chinese APT - HTTP Client Tools Shuckworm Cyber Espionage

Mercenary Akula European Financial Targeting AI-Generated Malware React2Shell Exploit UAT-8837 Critical Infrastructure Attack APT36, BOSS Linux BRICKSTORM Malware, China Espionage Curly COMrades, MucorAgent Chinese APT - HTTP Client Tools Shuckworm Cyber Espionage

BlueNoroff’s New MacOS Threat: “Hidden Risk” Targets Crypto Enthusiasts

Ddos November 10, 2024

In a disturbing revelation from SentinelLabs, North Korean-affiliated threat actors, suspected to be linked to the notorious...

Roblox Developers Targeted in Supply Chain Attack with Malicious npm Packages

Ddos November 10, 2024

Socket’s threat research team recently uncovered a new attack targeting the Roblox developer community. Threat actors distributed...

Scattered Spider Spins a New Web: Detecting 0ktapus Phishing Domains 0ktapus

Scattered Spider Spins a New Web: Detecting 0ktapus Phishing Domains

Ddos November 10, 2024

The prolific 0ktapus, also known as Scattered Spider and Starfraud, continues to evolve in its approach to...

CVE-2024-10470 (CVSS 9.8) in Popular WordPress Theme Exposes Thousands of Sites WPLMS theme - CVE-2024-10470

CVE-2024-10470 (CVSS 9.8) in Popular WordPress Theme Exposes Thousands of Sites

Ddos November 8, 2024

A critical vulnerability, tagged as CVE-2024-10470, has been identified in WPLMS, a WordPress premium theme widely used...

From Fake Updates to Data Exfiltration: Inside Interlock Ransomware’s Operations Interlock ransomware attack

From Fake Updates to Data Exfiltration: Inside Interlock Ransomware’s Operations

Ddos November 8, 2024

Cisco Talos Incident Response (Talos IR) has recently unveiled a concerning new threat in the cybersecurity landscape:...

CVE-2024-10914 (CVSS 9.2): Command Injection Flaw Threatens 61,000+ D-Link NAS Devices

Ddos November 7, 2024

A critical vulnerability, CVE-2024-10914, has been identified in D-Link NAS devices, posing a severe risk to over...

GodFather Malware Now Targets 500+ Banking and Crypto Apps

Ddos November 7, 2024

The GodFather malware has expanded its scope, now targeting over 500 banking and cryptocurrency applications across various...

CISA Expands KEV Catalog with Four Actively Exploited Vulnerabilities

Ddos November 7, 2024

The Cybersecurity and Infrastructure Security Agency (CISA) has issued an updated advisory regarding four security vulnerabilities actively...

Beware Python Developers: Malicious ‘fabrice’ Package Steals AWS Credentials from 37,000+ Downloads exfiltrating AWS credentials - fabrice package

exfiltrating AWS credentials - fabrice package

Beware Python Developers: Malicious ‘fabrice’ Package Steals AWS Credentials from 37,000+ Downloads

Ddos November 7, 2024

In a concerning development for Python developers and cloud administrators, The Socket Research Team has identified a...

Apache ZooKeeper Security Alert: Important Flaw Impacts Admin Server (CVE-2024-51504)

Ddos November 7, 2024

Apache ZooKeeper, the widely used centralized service for managing configuration and synchronization across distributed applications, has recently...

Winos4.0 Malware Spread Through Game Apps Targets Education Sector

Ddos November 7, 2024

The advanced Winos4.0 malware framework has been found targeting unsuspecting users through game-related applications, according to a...

New Rhadamanthys Stealer Rhadamanthys.07 Mimics Copyright Notices to Phish Global Targets Operation IconCat, UNG0801 AFP cyberattack -NetWalker Ransomware VShell RAT

Operation IconCat, UNG0801 AFP cyberattack -NetWalker Ransomware VShell RAT

New Rhadamanthys Stealer Rhadamanthys.07 Mimics Copyright Notices to Phish Global Targets

Ddos November 7, 2024

Check Point Research recently uncovered a large-scale phishing campaign exploiting a new version of the Rhadamanthys Stealer,...

CVE-2024-20536: Cisco NDFC Vulnerability Grants Attackers Extensive Control Cisco ISE Root Escalation * Read-Only Admin Exploit Cisco Secure FMC Vulnerability CVE-2026-20131 Cisco Meeting Management Vulnerability CVE-2026-20098 Cisco vulnerability, RCE flaw CVE-2025-20265 Cisco Meraki, VPN Vulnerability Cisco Nexus Dashboard - CVE-2024-20424 CVE-2025-20115 Cisco Vulnerability CVE-2018-0171 Privilege Escalation Cisco Unified Intelligence Center

Cisco ISE Root Escalation * Read-Only Admin Exploit Cisco Secure FMC Vulnerability CVE-2026-20131 Cisco Meeting Management Vulnerability CVE-2026-20098 Cisco vulnerability, RCE flaw CVE-2025-20265 Cisco Meraki, VPN Vulnerability Cisco Nexus Dashboard - CVE-2024-20424 CVE-2025-20115 Cisco Vulnerability CVE-2018-0171 Privilege Escalation Cisco Unified Intelligence Center

CVE-2024-20536: Cisco NDFC Vulnerability Grants Attackers Extensive Control

Ddos November 7, 2024

In a recent security advisory, Cisco disclosed a high-severity SQL injection vulnerability, designated as CVE-2024-20536 (CVSS 8.8),...

CVE-2024-40715: Authentication Bypass Threat in Veeam Backup Enterprise Manager

Ddos November 7, 2024

Veeam recently disclosed a new security vulnerability, tracked as CVE-2024-40715, that impacts Veeam Backup Enterprise Manager. With...

Ongoing Phishing Attack in LATAM Region

Ddos November 7, 2024

A sophisticated phishing campaign is currently targeting users in the Latin America (LATAM) region. Cybercriminals are employing...

Kaspersky Labs Uncovers SteelFox Trojan: 11,000+ Devices Infected

Ddos November 6, 2024

Cybersecurity researchers at Kaspersky Labs uncovered a dangerous new trojan named “SteelFox,” which has been affecting users...

Bengal Cat Lovers in Australia Targeted by Gootloader Malware

Ddos November 6, 2024

Bengal cat enthusiasts in Australia have become the latest victims of a targeted Gootloader campaign that uses...

CVE-2024-42509 (CVSS 9.8): Critical Vulnerability Exposes Aruba Access Points to Attack CVE-2024-42509 & CVE-2024-47460 HPE Aruba Fabric Composer CVE-2026-23592 Aruba AOS-CX CVE-2026-23813

CVE-2024-42509 & CVE-2024-47460 HPE Aruba Fabric Composer CVE-2026-23592 Aruba AOS-CX CVE-2026-23813

CVE-2024-42509 (CVSS 9.8): Critical Vulnerability Exposes Aruba Access Points to Attack

Ddos November 6, 2024

HPE Aruba Networking has issued a security advisory warning of multiple critical vulnerabilities affecting Access Points running...

Cybercriminals Exploit DocuSign API to Send Convincing Phishing Invoices at Scale Abuse DocuSign API

Cybercriminals Exploit DocuSign API to Send Convincing Phishing Invoices at Scale

Ddos November 6, 2024

In a sophisticated twist on phishing, cybercriminals are now leveraging DocuSign’s API to send fraudulent invoices that...

New “CRON#TRAP” Campaign Exploits Emulated Linux Environments to Evade Detection CRON#TRAP Campaign

New “CRON#TRAP” Campaign Exploits Emulated Linux Environments to Evade Detection

Ddos November 6, 2024

The Securonix Threat Research team has exposed a sophisticated malware campaign dubbed “CRON#TRAP,” which stages attacks within...

Critical Alert 1 Active Exploit Detected Today