News Archives • Page 463 of 631 • Daily CyberSecurity

CVE-2024-3159: Google Chrome Zero-Day Exploit Demonstrated at Pwn2Own

Ddos April 2, 2024

Google has released an urgent security update for its Chrome web browser, patching a critical zero-day vulnerability...

Threat Actors Weaponize PikaBot Malware with Evolving Attack Techniques PikaBot campaign

Threat Actors Weaponize PikaBot Malware with Evolving Attack Techniques

Ddos April 2, 2024

A new report from McAfee Labs reveals a troubling evolution in the PikaBot malware campaign, showcasing an...

Major WordPress Plugin Exposes Millions of Sites to Data Theft

Ddos April 2, 2024

A severe security flaw discovered in the popular LayerSlider WordPress plugin has potentially put over a million...

European Organizations Targeted by Updated StrelaStealer Malware Campaign

Ddos April 2, 2024

A newly updated variant of the StrelaStealer malware is actively targeting organizations across Europe, according to a...

CVE-2024-2389 (CVSS 10): Critical Security Flaw Discovered in Progress Flowmon Network Monitoring Tool

Ddos April 2, 2024

Progress, the provider of Flowmon, a widely used network monitoring and security solution, has disclosed a major...

Apache Pulsar Patches Authorization Flaw (CVE-2024-29834) – Update Now to Protect Sensitive Data

Ddos April 2, 2024

Apache Pulsar, a highly popular open-source messaging and streaming platform, has recently patched a critical security vulnerability...

Earth Freybug’s New Weapon: UNAPIMON Evades Detection Fig1-Earth Freybug

Earth Freybug’s New Weapon: UNAPIMON Evades Detection

Ddos April 2, 2024

In a recent cyberespionage campaign attributed to Earth Freybug (also a subset of APT41), security researchers from...

CVE-2024-2975: Octopus Deploy Patches Critical Privilege Escalation Vulnerability

Ddos April 1, 2024

Octopus Deploy, the popular deployment automation platform, has released a security advisory and subsequent patches to address...

Qualcomm Addresses Critical Security Vulnerabilities in April Bulletin CVE-2024-21473

Qualcomm Addresses Critical Security Vulnerabilities in April Bulletin

Ddos April 1, 2024

US-based chip giant Qualcomm has released a critical security bulletin patching a major flaw along with 11...

CVE-2024-29201 & CVE-2024-29202 Flaws Expose JumpServer Users to RCE Attacks CVE-2024-29201 and CVE-2024-29202

CVE-2024-29201 & CVE-2024-29202 Flaws Expose JumpServer Users to RCE Attacks

Ddos April 1, 2024

JumpServer, a popular open-source bastion host system, has recently been found to contain two critical vulnerabilities (CVE-2024-29201...

Bitdefender CVE-2023-6154 Flaw Alert: Update Now to Prevent Potential Privilege Escalation

Ddos April 1, 2024

Bitdefender, a leading provider of cybersecurity solutions, has released a critical patch addressing a vulnerability in its...

Hackers Exploit Google Ads to Spread Malware Disguised as Popular Software

Ddos March 31, 2024

A new report released by AhnLab Security Intelligence Center (ASEC) uncovers a disturbing tactic hackers are using...

CVE-2024-0582: Serious Linux Kernel Bug Opens Door to System Takeovers, PoC Published CVE-2024-0582 PoC

CVE-2024-0582: Serious Linux Kernel Bug Opens Door to System Takeovers, PoC Published

Ddos March 31, 2024

The technical details and proof-of-concept (PoC) exploit code has been released for a significant vulnerability, designated CVE-2024-0582...

‘Trojanized’ npm Package Targets Cryptocurrency Wallets, Steals USDT malicious npm package

‘Trojanized’ npm Package Targets Cryptocurrency Wallets, Steals USDT

Ddos March 31, 2024

In a startling discovery, the Phylum Research Team has exposed a malicious npm package masquerading as a...

Apache Fineract Patches Multiple Flaws, Including Critical Privilege Escalation (CVE-2024-23539)

Ddos March 31, 2024

Apache Fineract, a widely used open-source core banking solution for financial institutions, has released security patches to...

Global “Password Spraying” Campaign Targets VPN Systems, Causing Lockouts Password Spraying campaign

Global “Password Spraying” Campaign Targets VPN Systems, Causing Lockouts

Ddos March 31, 2024

Cisco has issued a critical warning about a widespread password spraying campaign targeting Remote Access VPN (RAVPN)...

Cookie Theft: The Cybersecurity Threat You Didn’t See Coming Infostealer

Cookie Theft: The Cybersecurity Threat You Didn’t See Coming

Ddos March 31, 2024

Even with strengthened password security and multi-factor authentication (MFA), hackers are finding new ways to break in....

CVE-2024-27281: Critical Vulnerability Patched in Popular Ruby Documentation Tool

Ddos March 29, 2024

The Ruby development team has released an urgent security patch for a critical vulnerability found in RDoc,...

CVE-2024-3094 (CVSS 10): Backdoor Flaw Discovered in Popular Linux Compression Tool

Ddos March 29, 2024

A severe backdoor vulnerability (designated CVE-2024-3094) has been unearthed in versions 5.6.0 and 5.6.1 of the widely...

CVE-2024-0333: Chrome Flaw Could Have Let Attackers Sneak in Malicious Extensions

Ddos March 28, 2024

Security researcher Malcolm Stagg has detailed a critical vulnerability in Google Chrome (designated CVE-2024-0333) that could have...

Critical Alert 1 Active Exploit Detected Today