Daily CyberSecurity • Page 505 of 733 • Zero-hour alerts. Unmatched analysis.

Pig-Butchering Scams: A Rising Threat to Investors in India and Globally

Do Son March 7, 2024

The digitalization of financial markets has brought increased investor access but also heightened vulnerability to cybercrime. India,...

Fenix Botnet: A New Cyberthreat Targeting Latin America

Do Son March 7, 2024

In January 2024, eSentire’s Threat Response Unit (TRU) uncovered a sophisticated malware campaign unleashed against Latin American...

JFrog Artifactory Vulnerabilities: Patch Now to Protect Your Software Supply Chain CVE-2023-42662

JFrog Artifactory Vulnerabilities: Patch Now to Protect Your Software Supply Chain

Do Son March 7, 2024

JFrog Artifactory, a vital tool for many development teams, has recently had several security vulnerabilities revealed. These...

CVE-2024-2044: pgAdmin Remote Code Execution Vulnerability CVE-2024-2044 pgAdmin, OAuth vulnerability

CVE-2024-2044: pgAdmin Remote Code Execution Vulnerability

Do Son March 7, 2024

A recently patched vulnerability (CVE-2024-2044) in pgAdmin, the widely-used PostgreSQL administration tool, highlights the ever-present risks of...

CVE-2024-28222 (CVSS 9.8): Veritas NetBackup Remote Code Execution Vulnerability

Do Son March 7, 2024

A severe security vulnerability (CVE-2024-28222) has been uncovered in Veritas NetBackup, the widely used enterprise backup solution....

Hacker attack on Xplain: Swiss Govt. Data Exposed in Report Xplain hacker attack

Hacker attack on Xplain: Swiss Govt. Data Exposed in Report

Do Son March 7, 2024

The fallout from the devastating hacker attack on IT provider Xplain continues as the Swiss National Cyber...

CVE-2024-27295: Directus Flaw Opens Door to Account Takeovers

Do Son March 7, 2024

A flaw (CVE-2024-27295) was found in Directus, a versatile open-source content management platform favored by developers for...

Copybara Fraud Campaign Leverages On-Device Fraud and Social Engineering Tactics Copybara campaign

Copybara Fraud Campaign Leverages On-Device Fraud and Social Engineering Tactics

Do Son March 7, 2024

Cleafy‘s recent analysis of the Copybara campaign highlights a troubling escalation in online banking fraud. Threat actors...

CVE-2024-21320 PoC Published- How Microsoft Themes Can Compromise Your Credentials

Do Son March 6, 2024

Akamai security researcher Tomer Peled recently unveiled the technical detail and proof-of-concept (PoC) for a vulnerability within...

Inside a Python Infostealer: How Attackers Abuse Legitimate Platforms for Credential Theft

Do Son March 6, 2024

A Cybereason Security Services analysis uncovers a sophisticated infostealer campaign that leverages GitHub, GitLab, Telegram, and common...

CVE-2024-25111: Squid Proxy Hit by Serious Denial of Service Bug Squid proxy vulnerabilities, buffer overflow attack Squid Credentials Leak, HTTP Authentication Redaction CVE-2024-25111

Squid proxy vulnerabilities, buffer overflow attack Squid Credentials Leak, HTTP Authentication Redaction CVE-2024-25111

CVE-2024-25111: Squid Proxy Hit by Serious Denial of Service Bug

Do Son March 6, 2024

Squid, the workhorse of web caching and acceleration, is facing a critical security threat. A vulnerability (CVE-2024-25111,...

TA4903 – A Cybercriminal Group with a Focus on Financial Gain TA4903 cybercriminal group

TA4903 – A Cybercriminal Group with a Focus on Financial Gain

Do Son March 6, 2024

Financial gain is the core motivation of cybercriminal group TA4903. This group has displayed a consistent pattern...

CVE-2024-27917: Critical Vulnerability in Popular E-Commerce Platform Shopware 6

Do Son March 6, 2024

A newly discovered critical vulnerability (CVE-2024-27917) in Shopware 6, a widely used open-source e-commerce platform, could significantly...

Sophisticated Linux Malware Campaign Targets Misconfigured Cloud Services India Semiconductors, Chip Manufacturing Linux Malware Campaign

India Semiconductors, Chip Manufacturing Linux Malware Campaign

Sophisticated Linux Malware Campaign Targets Misconfigured Cloud Services

Do Son March 6, 2024

Cado Security Labs’ recent discovery exposed a complex malware campaign zeroing in on Linux servers misconfigured with...

CVE-2023-28578 & CVE-2023-28582: Qualcomm Patches Critical Flaws in Popular Chips CVE-2023-28578 and CVE-2023-28582

CVE-2023-28578 & CVE-2023-28582: Qualcomm Patches Critical Flaws in Popular Chips

Do Son March 6, 2024

US chipmaking giant Qualcomm has released a crucial security bulletin this month, patching 16 vulnerabilities – including...

CVE-2024-27302 (CVSS 9.1): go-zero Framework Authorization Bypass Vulnerability

Do Son March 6, 2024

Attention users of the popular go-zero web and RPC framework! A critical vulnerability (CVE-2024-27302) has been uncovered...

Kanko Online Shop Breach: Thousands of Customer Credit Card Details Exposed

Do Son March 5, 2024

Japanese school uniform retailer Kanko Online Shop has disclosed a significant data breach affecting its “Kanko Online...

GhostLocker & StormousX: Global Ransomware Attacks Hit 18 Nations GhostSec ransomware

GhostLocker & StormousX: Global Ransomware Attacks Hit 18 Nations

Do Son March 5, 2024

Cisco Talos observed a collaborative effort between the GhostSec and Stormous ransomware groups, conducting double extortion attacks...

The Rise of Fake Online Meeting Websites Spreading Android and Windows RATs Windows & Android RAT

The Rise of Fake Online Meeting Websites Spreading Android and Windows RATs

Do Son March 5, 2024

The world runs on virtual meetings now. Skype, Zoom, and Google Meet have woven themselves into the...

NetKiller & Condi Botnets Exploit Uniview ISC Cameras CVE-2024-0778 Flaw

Do Son March 5, 2024

Security researchers have sounded the alarm on a critical vulnerability (CVE-2024-0778) affecting outdated Zhejiang Uniview ISC cameras....

Critical Alert 1 Active Exploit Detected Today