Daily CyberSecurity • Page 447 of 739 • Zero-hour alerts. Unmatched analysis.

Hacking the Hacker: Researcher Found Critical Flaw (CVE-2024-45163) in Mirai Botnet

Do Son August 25, 2024

Security researcher Jacob Masse has exposed a critical vulnerability within the Mirai botnet, the infamous malware that...

China-Nexus Group Velvet Ant Exploits Cisco Zero-Day (CVE-2024-20399) CVE-2020-3259 Router Smishing, Grooza Cluster

China-Nexus Group Velvet Ant Exploits Cisco Zero-Day (CVE-2024-20399)

Do Son August 25, 2024

At the beginning of 2024, the Chinese group Velvet Ant exploited a patched zero-day vulnerability (CVE-2024-20399, CVSS...

Cyberattack on Magento: Hackers Inject Skimmer, Card Data Stolen malicious

Cyberattack on Magento: Hackers Inject Skimmer, Card Data Stolen

Do Son August 25, 2024

During a recent cyberattack on numerous online stores utilizing the Magento platform, a skimmer was injected into...

User Outcry Forces Google to Resume Chrome Support on Ubuntu 18.04 Ubuntu 18.04 Chrome

User Outcry Forces Google to Resume Chrome Support on Ubuntu 18.04

Do Son August 25, 2024

Google unexpectedly discontinued support for the Chrome browser on the current long-term support operating system, Ubuntu 18.04...

CVE-2024-43399: Critical Zip Slip Vulnerability Discovered in Mobile Security Framework (MobSF)

Do Son August 25, 2024

A serious security flaw has been uncovered in Mobile Security Framework (MobSF), a widely-used open-source tool for...

ShellSweepX: A Precision Tool for Web Shell Detection

Do Son August 24, 2024

In the realm of cybersecurity, the ever-present threat of web shells demands specialized solutions. These malicious scripts,...

PEAKLIGHT Malware: A New Stealthy Memory-Only Threat Emerges

Do Son August 24, 2024

Cybersecurity researchers at Mandiant have unveiled a sophisticated new memory-only dropper and downloader that’s been silently delivering...

Qilin Ransomware: Beyond Encryption, a New Threat of Credential Theft Dark Angels group

Qilin Ransomware: Beyond Encryption, a New Threat of Credential Theft

Do Son August 24, 2024

The Qilin ransomware group, already infamous for its “double extortion” tactics, has now added a new strategy...

CertiK Issues Public Apology to Kraken Over $3M Bug Bounty Incident ATLAS LION

CertiK Issues Public Apology to Kraken Over $3M Bug Bounty Incident

Do Son August 24, 2024

The cybersecurity firm CertiK has publicly confirmed its involvement in the incident with the cryptocurrency exchange Kraken,...

Moscow Hacker Arrested in Georgia, Faces U.S. Court for Cybercrimes Romanian hacker sentenced identity theft conviction Pig-Butchering Crackdown Operation Level Up Oleksandr Didenko North Korean IT Workers Coinbase TaskUs insider breach, Hyderabad police Coinbase arrest Scattered Spider, Cybercrime Scattered Spider group

Romanian hacker sentenced identity theft conviction Pig-Butchering Crackdown Operation Level Up Oleksandr Didenko North Korean IT Workers Coinbase TaskUs insider breach, Hyderabad police Coinbase arrest Scattered Spider, Cybercrime Scattered Spider group

Moscow Hacker Arrested in Georgia, Faces U.S. Court for Cybercrimes

Do Son August 24, 2024

Deniss Zolotarjovs, a 33-year-old resident of Moscow, has recently been charged with participating in the activities of...

CVE-2024-39717: Versa Networks Director GUI Flaw Under Active Attack, CISA Issues Urgent Patching Directive Versa Director GUI - CVE-2024-39717

CVE-2024-39717: Versa Networks Director GUI Flaw Under Active Attack, CISA Issues Urgent Patching Directive

Do Son August 23, 2024

In a recent cybersecurity alert, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) has highlighted the active...

ALBeast Vulnerability Exposes Thousands of AWS Applications to Critical AuthN/AuthZ Bypass

Do Son August 23, 2024

A new configuration-based vulnerability, dubbed ALBeast, has been uncovered by Miggo Research, affecting a staggering number of...

New PostgreSQL Threat: PG_MEM Malware Strikes Databases PG_MEM PostgreSQL malware

New PostgreSQL Threat: PG_MEM Malware Strikes Databases

Do Son August 23, 2024

A new and insidious threat has emerged, targeting the widely used PostgreSQL database management system. Aqua Nautilus...

Browser Choice Alliance letter Microsoft Edge cleartext credentials memory dump Microsoft Edge auto-startup Microsoft Edge Collections sunset, export Edge Collections CSV Edge IE Mode Zero-Day, Chakra Exploit Windows Search, Microsoft Edge AI video translation, Edge browser Microsoft Editor, Edge Edge Developer tools Windows 10 ESU, Microsoft Edge Microsoft Edge, FCP Optimization CVE-2023-36735 Edge, AI Search

Urgent Edge Security Update: Microsoft Patches Zero-day & RCE Vulnerabilities

Do Son August 23, 2024

Microsoft has released an urgent security update for its Edge browser, patching a critical vulnerability that is...

Exploit for CVE-2024-38054 Released: Elevation of Privilege Flaw in Windows Kernel Streaming WOW Thunk CVE-2024-38054 exploit

Exploit for CVE-2024-38054 Released: Elevation of Privilege Flaw in Windows Kernel Streaming WOW Thunk

Do Son August 22, 2024

Security researcher ‘Frost’ has released proof-of-concept exploit code for the CVE-2024-38054 vulnerability, escalating concerns over a recently...

Critical Vulnerabilities Uncovered in Progress WhatsUp Gold (CVE-2024-6670 & CVE-2024-6671) MOVEit Automation Vulnerability CVE-2026-4670 CVE-2024-6670 & CVE-2024-6671 Progress WhatsUp Gold

MOVEit Automation Vulnerability CVE-2026-4670 CVE-2024-6670 & CVE-2024-6671 Progress WhatsUp Gold

Critical Vulnerabilities Uncovered in Progress WhatsUp Gold (CVE-2024-6670 & CVE-2024-6671)

Do Son August 22, 2024

The Progress WhatsUp Gold team has recently disclosed multiple critical vulnerabilities affecting all versions of the software...

SonicWall Issues Urgent Patch for Critical Firewall Vulnerability (CVE-2024-40766) SonicWall Firewall CVE-2024-40766 SonicWall SMA Vulnerabilities, Web Interface Flaws

SonicWall Firewall CVE-2024-40766 SonicWall SMA Vulnerabilities, Web Interface Flaws

SonicWall Issues Urgent Patch for Critical Firewall Vulnerability (CVE-2024-40766)

Do Son August 22, 2024

SonicWall, a prominent network security provider, has released a security advisory warning users of a critical vulnerability...

Cybercriminals Mimic Slack in Sophisticated Malvertising Campaign SecTopRAT

Cybercriminals Mimic Slack in Sophisticated Malvertising Campaign

Do Son August 22, 2024

A recently discovered malvertising campaign targeting Slack users has highlighted the increasingly sophisticated tactics employed by cybercriminals....

NGate Android Malware Steals NFC Payment Data at ATMs

Do Son August 22, 2024

Researchers from ESET have uncovered a new malicious campaign targeting customers of three Czech banks. The attackers...

CVE-2024-38206: SSRF Vulnerability in Microsoft Copilot Studio Exposes Internal Infrastructure Windows 11 26H1, Copilot+ PC AI content, monetization AI Code Review, Microsoft Engineering Microsoft Copilot Studio Uninstall Copilot AI Windows 11 LTSC

Windows 11 26H1, Copilot+ PC AI content, monetization AI Code Review, Microsoft Engineering Microsoft Copilot Studio Uninstall Copilot AI Windows 11 LTSC

CVE-2024-38206: SSRF Vulnerability in Microsoft Copilot Studio Exposes Internal Infrastructure

Do Son August 22, 2024

Tenable Research has discovered a critical server-side request forgery (SSRF) vulnerability in Microsoft’s Copilot Studio, potentially allowing...