Google has just released an urgent update for its Chrome browser, addressing two serious security vulnerabilities that could potentially allow attackers to take control of users’ systems. The vulnerabilities, identified...
In a recent report, cybersecurity firm AhnLab has highlighted a disturbing trend in which Discord Bots, initially designed for benign server management, have been weaponized to deploy Remote Access Trojans...
A critical vulnerability has been discovered in IBM Power Systems servers, potentially allowing unauthorized access and complete control over affected systems. The flaw, identified as CVE-2024-45656, stems from the use...
CYFIRMA has recently exposed a trio of malicious stealers—Divulge, Dedsec, and Duck Stealers—highlighting their proliferation across GitHub, Discord, and Telegram. These stealers, leveraging advanced anti-analysis tactics and targeting sensitive data,...
A new critical vulnerability has been discovered in CyberPanel, a popular open-source web hosting control panel, by security researcher DreyAnd. The flaw, a zero-click pre-authentication root remote code execution (RCE),...
In a revealing discovery, Google’s Threat Intelligence Group has uncovered a suspected Russian espionage campaign aimed at Ukrainian military recruits. Known as UNC5812, the operation employs both malware and strategic...
The Canadian Centre for Cyber Security (Cyber Centre) has issued a warning to Canadian organizations, urging them to strengthen their defenses against an ongoing campaign of reconnaissance scanning attributed to...
A high-severity vulnerability has been discovered in the Common Log File System (CLFS) driver in Windows 11, enabling local users to escalate their privileges. CLFS is responsible for efficiently managing...
In a recent security advisory, Spring Security disclosed CVE-2024-38821, a critical vulnerability impacting WebFlux applications, with a CVSS severity score of 9.1. The flaw enables an “authorization bypass of static...
A new vulnerability, CVE-2024-22036, has been disclosed by the SUSE Rancher Security team, highlighting a critical flaw that enables remote code execution (RCE) in Rancher environments. Rated 9.1 on the...
In a recent report, Proofpoint reveals how cybercriminals have evolved their tactics, preying on job seekers with fraudulent job offers that ultimately drain victims’ cryptocurrency wallets. These “Pig Butcher” scams,...
A new report reveals a concerning number of security vulnerabilities affecting Sharp and Toshiba Tec multifunction printers (MFPs). These flaws could allow attackers to crash devices, steal sensitive information, bypass...
Cosmos Hub, a prominent decentralized project, finds itself embroiled in controversy amidst revelations that the development of its Liquid Staking Module (LSM) may have involved specialists from North Korea. Previously...
SafeBreach specialist Alon Leviev has discovered that attackers can exploit outdated Windows kernel components to bypass critical protections, such as Driver Signature Enforcement, enabling the installation of rootkits even on...
A severe security vulnerability has been identified in the Xlight SFTP server, a popular Windows-based FTP and SFTP solution designed for secure, high-performance file transfer. Designated as CVE-2024-46483, this pre-authentication...
Support Securityonline.info site. Thanks!
