A newly released report from cybersecurity leaders at Proofpoint paints a chilling picture of North Korean hacking operations reaching new levels of sophistication. Threat group TA427, aligned with the North Korean government, has been...
A new report by cybersecurity firm Resecurity highlights a marked increase in misinformation campaigns and hacktivist activity targeting the Philippines, a key US ally in the Indo-Pacific region. This surge aligns with escalating tensions...
Security researchers published the technical details and proof-of-concept (PoC) exploit code for a dangerous zero-day CVE-2024-21338 vulnerability that was recently exploited by the state-backed North Korean hacking group, Lazarus. This flaw resides in the...
A newly exposed attack campaign, dubbed “Connect:fun,” is raising alarms in the media sector. Researchers at Forescout Research – Vedere Labs warn that a sophisticated threat actor is exploiting a critical Fortinet vulnerability to...
A serious security vulnerability (CVE-2024-32019) has been discovered in Netdata, a widely used open-source monitoring and troubleshooting tool. This flaw has a CVSS score of 8.8 (“High”) and could allow attackers to gain root-level...
A newly discovered vulnerability in Libreswan, a widely used open-source VPN (Virtual Private Network) software, could leave systems open to crashes and potential denial of service attacks, say researchers. The vulnerability poses a risk...
A severe security flaw (CVE-2024-31497) has been discovered in the popular SSH client PuTTY (versions 0.68 to 0.80), impacting a wide range of software including FileZilla, WinSCP, TortoiseGit, and TortoiseSVN. This defect drastically weakens...
A sophisticated and coordinated cyber phishing campaign has been targeting major financial institutions across Southeast Asia, according to a recent report by Cyberint. This campaign, marked by its complexity and scale, appears to be...
A severe security vulnerability impacting the popular “Email Subscribers by Icegram Express” WordPress plugin has been discovered. The flaw, designated as CVE-2024-2876 and carrying a critical CVSS score of 9.8, allows unauthenticated attackers to...
Recently, the notorious TA558 group has escalated its offensive, orchestrating a sophisticated series of cyber attacks targeting an array of institutions and companies worldwide. This pervasive campaign, aptly named “SteganoAmor” due to its use...
The PHP development team has released urgent security patches for multiple vulnerabilities affecting versions 8.1.28, 8.2.18, and 8.3.6. These vulnerabilities, ranging from critical command injection flaws to potential account compromises, require immediate attention from...
A sophisticated malware campaign targeting the widely-used Notepad++ text editor has been uncovered by security researchers at AhnLab Security Emergency Response Center (ASEC). Dubbed “WikiLoader,” this attack demonstrates the alarming ingenuity of modern threat...
The resurgence of the LightSpy mobile spyware campaign poses a renewed and alarming threat to individuals and organizations in Southern Asia, particularly those potentially connected to India. This sophisticated espionage toolkit, analyzed by the...
Streaming giant Roku has publicly acknowledged a second data breach incident impacting approximately 576,000 user accounts. This follows an initial breach in March 2024, compromising approximately 15,000 accounts. Credential Stuffing Remains the Prime Suspect...
Akamai researcher Ben Barnea has released the technical details and proof-of-concept (PoC) for a severe CVE-2023-35628 vulnerability in Microsoft Windows, specifically affecting Outlook clients and potentially exploitable through Windows Explorer. With a CVSS score...
Secure Your Connection
