Daily CyberSecurity • Page 474 of 735 • Zero-hour alerts. Unmatched analysis.

Rafel RAT Malware: A Growing Cybersecurity Threat to Android Devices

Do Son June 23, 2024

Check Point Research has released a comprehensive report detailing the alarming rise of Rafel RAT, an open-source...

CVE-2024-5756 (CVSS 9.8): Critical Icegram Express Flaw Puts 90,000 WordPress Sites at Risk

Do Son June 23, 2024

A critical vulnerability in Icegram Express, a popular email marketing plugin for WordPress with over 90,000 active...

RansomHub: A New Ransomware-as-a-Service Threatens Multiple Operating Systems

Do Son June 23, 2024

A new ransomware-as-a-service (RaaS) called RansomHub has emerged, targeting Windows, Linux, and ESXi operating systems. This multi-OS...

AdsExhaust: New Adware Masquerading as Oculus Installer Wreaks Havoc

Do Son June 23, 2024

In a recent report, the eSentire Threat Response Unit (TRU) has uncovered a sophisticated adware strain dubbed...

ESET Issues Security Patch for Privilege Escalation Flaw in Windows Products CVE-2024-2003

ESET Issues Security Patch for Privilege Escalation Flaw in Windows Products

Do Son June 22, 2024

ESET, a leading cybersecurity provider, has addressed a high-severity vulnerability in its range of Windows security products....

SneakyChef Espionage Campaign Targets Governments Across the Globe

Do Son June 22, 2024

A newly identified espionage group dubbed “SneakyChef” has been targeting government agencies in Europe, the Middle East,...

ANY.RUN Confirms Security Incident Involving Employee Email Compromise MuddyWater APT ANY.RUN security incident

ANY.RUN Confirms Security Incident Involving Employee Email Compromise

Do Son June 21, 2024

ANY.RUN, a popular malware analysis service, has reported a recent security incident involving a phishing attack that...

Over 30,000 WooCommerce Sites Exposed by Critical Plugin Flaw (CVE-2024-6027)

Do Son June 21, 2024

Over 30,000 WooCommerce-powered online stores may be at risk of a serious data breach due to a...

CVE-2024-28397: js2py Vulnerability Exposes Millions of Python Users to RCE

Do Son June 21, 2024

A critical vulnerability in js2py, a widely-used Python library with over 1 million monthly downloads, has left...

PrestaShop Sites Under Attack via Facebook Module Vulnerability (CVE-2024-36680)

Do Son June 20, 2024

A critical vulnerability in a popular PrestaShop module, “Facebook” (pkfacebook) by Promokit.eu, has been discovered and is...

CosmicSting (CVE-2024-34102): A Critical E-Commerce Vulnerability Threatening Millions of Online Stores PolyShell Magento RCE Magento PolyShell REST API RCE CosmicSting (CVE-2024-34102) Magento Security Updates

CosmicSting (CVE-2024-34102): A Critical E-Commerce Vulnerability Threatening Millions of Online Stores

Do Son June 20, 2024

A newly discovered vulnerability dubbed “CosmicSting” (CVE-2024-34102) has sent shockwaves through the e-commerce world, potentially jeopardizing millions...

Ghostscript Patches Multiple Vulnerabilities, Potential for Arbitrary Code Execution Ghostscript Vulnerabilities

Ghostscript Patches Multiple Vulnerabilities, Potential for Arbitrary Code Execution

Do Son June 20, 2024

Ghostscript, a widely-used open-source software for rendering and converting PostScript and PDF files, has released a critical...

Zergeca Botnet Exposed: Advanced Capabilities Beyond DDoS

Do Son June 20, 2024

Cybersecurity researchers at XLab have uncovered a sophisticated new botnet dubbed “Zergeca.” Discovered in May 2024, this...

PoC Published for Critical Nvidia Triton Inference Server Vulnerabilities NVIDIA Legacy GPUs, Driver Support CVE-2024-0087 exploit

PoC Published for Critical Nvidia Triton Inference Server Vulnerabilities

Do Son June 20, 2024

Cybersecurity researcher Zhiniang Peng published the technical details and proof-of-concept for two serious vulnerabilities in NVIDIA’s widely...

SocGholish Malware: The Silent Threat Lurking in Fake Browser Updates

Do Son June 20, 2024

SocGholish, a sophisticated JavaScript malware framework, has been a persistent threat since its emergence in 2017. Designed...

Nobelium Continues to Strike High-Profile Targets hackerbot-claw campaign Cisco RCE Exploit CVE-2026-20045 SonicWall VPN, Akira Ransomware Nobelium Apache Tomcat, Apache Camel

hackerbot-claw campaign Cisco RCE Exploit CVE-2026-20045 SonicWall VPN, Akira Ransomware Nobelium Apache Tomcat, Apache Camel

Nobelium Continues to Strike High-Profile Targets

Do Son June 20, 2024

The French National Cybersecurity Agency (ANSSI) has issued a warning about the continued activity of the Nobelium...

Chinese Cyberspies Breach Asian Telecoms in Long-Running Espionage Campaign Chinese espionage groups APT35 Phishing, Stormshield CTI

Chinese Cyberspies Breach Asian Telecoms in Long-Running Espionage Campaign

Do Son June 20, 2024

Symantec’s Threat Hunter Team has uncovered a long-running and highly sophisticated cyber espionage campaign targeting numerous telecommunications...

Fortra Warns: Hard-Coded Password Vulnerability in FileCatalyst – CVE-2024-5275

Do Son June 19, 2024

Fortra, the developer of the popular FileCatalyst file transfer solutions, has issued a critical security advisory warning...

GreyNoise Warns of Active Exploitation Attempts Targeting SolarWinds Serv-U Vulnerability (CVE-2024-28995)

Do Son June 19, 2024

On June 5, 2024, SolarWinds issued a critical advisory regarding a newly discovered path-traversal vulnerability in Serv-U,...

China-Linked UNC3886: Mandiant Reveals Extensive Espionage TTPs UNC3886

China-Linked UNC3886: Mandiant Reveals Extensive Espionage TTPs

Do Son June 19, 2024

Cybersecurity firm Mandiant has unveiled a comprehensive report detailing the extensive cyber espionage campaign of UNC3886, a...