News

Beware of LinkedIn: Ducktail Malware’s Sneaky ZIP Attack Revealed

• Malware

Beware of LinkedIn: Ducktail Malware’s Sneaky ZIP Attack Revealed

Ddos January 4, 2024 0

In December 2023, the cybersecurity community was alerted to a new form of cyber threat – the...

Read More Read more about Beware of LinkedIn: Ducktail Malware’s Sneaky ZIP Attack Revealed

CVE-2023-39336: Ivanti Addresses Major RCE Vulnerability

• Vulnerability

CVE-2023-39336: Ivanti Addresses Major RCE Vulnerability

Ddos January 4, 2024 0

Ivanti, a renowned name in IT asset and systems management, has addressed a severe security loophole in...

Read More Read more about CVE-2023-39336: Ivanti Addresses Major RCE Vulnerability

North Korean Hacking Organization Kimsuky’s Global Spearphishing Campaign Unraveled

• Cyber Security

North Korean Hacking Organization Kimsuky’s Global Spearphishing Campaign Unraveled

Ddos January 4, 2024 0

The North Korean hacking organization, Kimsuky, has unleashed a sophisticated spearphishing campaign, targeting hundreds of influential individuals...

Read More Read more about North Korean Hacking Organization Kimsuky’s Global Spearphishing Campaign Unraveled

CVE-2023-51784 & 51785: Two Critical Security Flaws in Apache InLong

• Vulnerability

CVE-2023-51784 & 51785: Two Critical Security Flaws in Apache InLong

Ddos January 3, 2024 0

Apache InLong emerges as a pioneering framework, adept at harnessing the torrent of information flowing through the...

Read More Read more about CVE-2023-51784 & 51785: Two Critical Security Flaws in Apache InLong

The Rise of AI Scams: GXC Team’s New Tool for BEC and Wire Fraud

• Cyber Security

The Rise of AI Scams: GXC Team’s New Tool for BEC and Wire Fraud

Ddos January 3, 2024 0

Resecurity has uncovered a group known as the “GXC Team” that has emerged as a prominent player,...

Read More Read more about The Rise of AI Scams: GXC Team’s New Tool for BEC and Wire Fraud

Python’s New Threat: Malicious PyPI Packages Targeting Linux Devices

• Malware

Python’s New Threat: Malicious PyPI Packages Targeting Linux Devices

Ddos January 3, 2024 0

The Python community has recently faced a new threat: three new malicious PyPI (Python Package Index) packages...

Read More Read more about Python’s New Threat: Malicious PyPI Packages Targeting Linux Devices

RemcosRAT in Action: UAC-0050’s Stealth Campaign Against Ukraine

• Cyber Security
• Malware

RemcosRAT in Action: UAC-0050’s Stealth Campaign Against Ukraine

Ddos January 3, 2024 0

In the ever-evolving landscape of cyber threats, a new contender with a sophisticated approach to digital espionage...

Read More Read more about RemcosRAT in Action: UAC-0050’s Stealth Campaign Against Ukraine

CVE-2023-6600: Over 300,000 Sites at Risk from OMGF Plugin XSS Flaw

• Vulnerability

CVE-2023-6600: Over 300,000 Sites at Risk from OMGF Plugin XSS Flaw

Ddos January 3, 2024 0

The popular “OMGF | GDPR/DSGVO Compliant, Faster Google Fonts. Easy.” plugin, a staple in over 300,000 WordPress...

Read More Read more about CVE-2023-6600: Over 300,000 Sites at Risk from OMGF Plugin XSS Flaw

The Stealthy Tech of Scheduled Task Tampering: A Deep Dive into the HAFNIUM Threat Actor’s Latest Tactic

• Cyber Security
• Malware

The Stealthy Tech of Scheduled Task Tampering: A Deep Dive into the HAFNIUM Threat Actor’s Latest Tactic

Ddos January 3, 2024 0

In the ever-evolving world of cybersecurity, the HAFNIUM threat actor has emerged with a novel and clandestine...

Read More Read more about The Stealthy Tech of Scheduled Task Tampering: A Deep Dive into the HAFNIUM Threat Actor’s Latest Tactic

$70K Bounty for Revealing CVE-2023-41974 Flaw, PoC Published

• Vulnerability

$70K Bounty for Revealing CVE-2023-41974 Flaw, PoC Published

Ddos January 3, 2024 0

Proof-of-concept (PoC) code has been released for iOS and macOS vulnerability, CVE-2023-41974, which can be chained to...

Read More Read more about $70K Bounty for Revealing CVE-2023-41974 Flaw, PoC Published

CVE-2023-48419 & 6339: Urgent Update on Google Nest’s Critical Flaws

• Vulnerability

CVE-2023-48419 & 6339: Urgent Update on Google Nest’s Critical Flaws

Ddos January 2, 2024 0

In a digital era where smart home devices are becoming ubiquitous, Google’s latest security bulletin for December...

Read More Read more about CVE-2023-48419 & 6339: Urgent Update on Google Nest’s Critical Flaws

CVE-2023-48418: A maximum severity vulnerability in Pixel Watch

• Vulnerability

CVE-2023-48418: A maximum severity vulnerability in Pixel Watch

Ddos January 2, 2024 0

In the realm of wearable technology, security often takes a backseat to functionality and design. However, the...

Read More Read more about CVE-2023-48418: A maximum severity vulnerability in Pixel Watch

PandoraFMS Enterprise: Unveiling 18 High-Risk Network Vulnerabilities

• Vulnerability

PandoraFMS Enterprise: Unveiling 18 High-Risk Network Vulnerabilities

Ddos January 2, 2024 0

NCC Group’s security researchers unearthed 18 vulnerabilities in PandoraFMS Enterprise v7.0NG.767, a network monitoring and management application...

Read More Read more about PandoraFMS Enterprise: Unveiling 18 High-Risk Network Vulnerabilities

CISA Warns of Active Exploitation of Chromium and Spreadsheet::ParseExcel

• Vulnerability

CISA Warns of Active Exploitation of Chromium and Spreadsheet::ParseExcel

Ddos January 2, 2024 0

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued a critical warning that underscores the ongoing...

Read More Read more about CISA Warns of Active Exploitation of Chromium and Spreadsheet::ParseExcel

CVE-2023-32434 Exploited: PoC Unlocks Full Command of iOS Devices

• Vulnerability

CVE-2023-32434 Exploited: PoC Unlocks Full Command of iOS Devices

Ddos January 2, 2024 0

Proof-of-concept (PoC) code has been released for a zero-day iOS vulnerability (CVE-2023-32434) that can be chained to...

Read More Read more about CVE-2023-32434 Exploited: PoC Unlocks Full Command of iOS Devices

Qualcomm Patches 3 Critical Flaws in January 2024 Security Bulletin

• Vulnerability

Qualcomm Patches 3 Critical Flaws in January 2024 Security Bulletin

Ddos January 2, 2024 0

In a proactive maneuver, US chip giant Qualcomm has recently addressed 14 vulnerabilities within its array of...

Read More Read more about Qualcomm Patches 3 Critical Flaws in January 2024 Security Bulletin

Xlab-Qianxin Unveils Mirai.TBOT: A Dangerous Evolution of Mirai Botnet

• Malware

Xlab-Qianxin Unveils Mirai.TBOT: A Dangerous Evolution of Mirai Botnet

Ddos January 2, 2024 0

The Mirai botnet first emerged in 2016, a formidable threat in the digital landscape. It infiltrated the...

Read More Read more about Xlab-Qianxin Unveils Mirai.TBOT: A Dangerous Evolution of Mirai Botnet

Security Joes Unveils Stealthy Windows Hijack Technique via WinSxS

• Malware
• Vulnerability

Security Joes Unveils Stealthy Windows Hijack Technique via WinSxS

Ddos January 1, 2024 0

In the ever-evolving landscape of cybersecurity, threat actors continuously seek new methods to compromise systems. A groundbreaking...

Read More Read more about Security Joes Unveils Stealthy Windows Hijack Technique via WinSxS

CVE-2023-50255: The Threat Inside Deepin Linux’s Archive Manager

• Vulnerability

CVE-2023-50255: The Threat Inside Deepin Linux’s Archive Manager

Ddos January 1, 2024 0

Deepin is a popular Linux distribution based on the Debian “stable” branch. It’s highly praised for its...

Read More Read more about CVE-2023-50255: The Threat Inside Deepin Linux’s Archive Manager

CVE-2023-50226 Exposed: PoC Code Threatens Parallels Desktop Security

• Vulnerability

CVE-2023-50226 Exposed: PoC Code Threatens Parallels Desktop Security

Ddos January 1, 2024 0

Proof-of-concept (PoC) exploit code has been made available for a recently disclosed flaw, CVE-2023-50226 (CVSS 7.8), impacting...

Read More Read more about CVE-2023-50226 Exposed: PoC Code Threatens Parallels Desktop Security