Apple has released emergency security updates addressing a critical zero-day vulnerability in its WebKit browser engine, identified as CVE-2025-24201, which has been actively exploited in […]
Author: cyberbytes
.webp)
Chinese Hackers New Malware Dubbed ‘Squidoor’ Attacking Global Organizations
A sophisticated backdoor malware called “Squidoor” being deployed by suspected Chinese threat actors against organizations across South America and Southeast Asia. The malware, designed for […]
Apache Pinot Vulnerability Let Attackers Bypass Authentication
A critical security vulnerability (CVE-2024-56325) in Apache Pinot, the open-source distributed OLAP datastore used by LinkedIn, Uber, and Microsoft for real-time analytics, allows unauthenticated attackers […]
New Botnet Dubbed “Eleven11bot” Hacked 30,000 Webcams
A newly identified botnet, tracked as Eleven11bot, has compromised approximately 30,000 internet-connected devices—primarily security cameras and network video recorders (NVRs)—to launch distributed denial-of-service (DDoS) attacks […]
SolarWinds Web Help Desk Vulnerability Let Hackers Access Stored Passwords – PoC Released
A critical vulnerability in SolarWinds’ Web Help Desk software (CVE-2024-28989) allowed attackers to decrypt sensitive credentials, including database passwords and LDAP/SMTP authentication secrets, through cryptographic […]
Microsoft March 2025 Patch Tuesday: Fixes for 57 Vulnerabilities & 6 Actively Exploited Zero-Days
Microsoft’s March 2025 Patch Tuesday addresses 57 vulnerabilities, including six zero-day vulnerabilities that are currently being exploited. The security update includes fixes for Windows, Microsoft […]
Apache Camel Vulnerability Let Attackers Inject Arbitrary Headers – PoC Exploit Released
A critical security flaw in Apache Camel’s header validation mechanism allows attackers to execute arbitrary system commands by exploiting case-sensitive header injection. A POC released […]
Google Warned Chromecast Owners Not to Hit Factory Reset
Google has issued an urgent advisory to owners of Chromecast 2nd Generation (2015) and Chromecast Audio devices, warning against factory resets as a global outage […]
Beware! AI-Assisted Fake GitHub Repositories Steal Sensitive Data Including Login Credentials
A sophisticated malware campaign leveraging artificial intelligence to create deceptive GitHub repositories has been observed distributing SmartLoader payloads that ultimately deploy Lumma Stealer, a dangerous […]
.webp)
New XCSSET Malware Attacking macOS Users With Enhanced Obfuscation
Microsoft Threat Intelligence has discovered a new variant of XCSSET, a sophisticated modular macOS malware that infects Xcode projects and executes when developers build these […]