Cybercriminals are becoming increasingly sophisticated in their tactics, employing deceptive job application emails as a new vector to distribute the dangerous DanaBot malware. A recent report from AhnLab sheds light on this alarming trend,...
In a new report, cybersecurity firm ESET has revealed the alarming scale of a decade-long cyber campaign compromising nearly 400,000 Linux servers. The report, titled “Ebury is alive but unseen,” exposes the nefarious activities...
In a recent security advisory, Broadcom has revealed a series of critical vulnerabilities affecting VMware Workstation and Fusion, popular virtualization software used by businesses and individuals worldwide. These flaws, tracked as CVE-2024-22267, CVE-2024-22268, CVE-2024-22269,...
German enterprise software giant SAP has announced the release of 14 new security notes and three updates to previously released notes as part of its May 2024 Security Patch Day. The most significant new...
Cybersecurity researchers have unearthed a severe vulnerability in Linksys EA7500 routers that could allow attackers to remotely execute code with root privileges. This critical security flaw, cataloged as CVE-2023-46012 and scored at a perilous...
Cacti, a popular open-source network monitoring and graphing tool, has recently released a crucial security update to address two significant vulnerabilities that could leave systems exposed to malicious attacks. These vulnerabilities were found in...
Recently, cybersecurity experts at G Data have uncovered a sophisticated malware campaign that hijacks legitimate applications to execute malicious activities. This particular scheme involves the misuse of GoTo Meeting, a popular online meeting platform,...
Google has swiftly moved to address a high-severity zero-day vulnerability in its Chrome browser that was actively exploited in the wild. The vulnerability, identified as CVE-2024-4761, is an “Out of bounds write” flaw found...
Rapid7 analysts have uncovered a new, highly targeted social engineering campaign potentially linked to the Black Basta ransomware group. This multi-pronged attack begins with overwhelming users with spam emails, followed by phone calls impersonating...
Popular office suite app WPS Office, with over 500 million installs on Android, has been found vulnerable to a path traversal attack dubbed “Dirty Stream,” potentially exposing user data and enabling unauthorized access to...
The Phylum Research Team has uncovered a sophisticated attack targeting the Python Package Index (PyPI), a popular repository for Python software packages. The malicious package, dubbed “requests-darwin-lite,” disguised as a fork of the widely...
PowerDNS, a widely used open-source DNS software provider, has issued a security advisory regarding a vulnerability (CVE-2024-25581) in its DNSdist software versions 1.9.0 through 1.9.3. The vulnerability allows an attacker to trigger a denial...
Cacti, a widely used network monitoring tool, has released a critical security update to address multiple vulnerabilities, including a severe remote code execution (RCE) flaw. The most critical vulnerability, CVE-2024-25641, could allow authenticated attackers...
AhnLab’s Mobile Analysis Team has issued an alarm about an insidious new breed of romance scams specifically targeting cryptocurrency enthusiasts. These scams go beyond the typical emotional manipulation seen in traditional romance scams, incorporating...
Cybersecurity experts are urging all Microsoft Edge users to immediately install the latest security update, released on May 10th. This critical update addresses several vulnerabilities, including a zero-day flaw (CVE-2024-4671) that was actively being...
Secure Your Connection
