A groundbreaking study from Tsinghua University and Zhongguancun Laboratory has uncovered critical vulnerabilities in modern web infrastructure, revealing that HTTP/2 server push and Signed HTTP […]
Author: cyberbytes
Arm Mali GPU Vulnerability Enables Bypass of MTE and Arbitrary Kernel Code Execution
A critical vulnerability, identified as CVE-2025-0072, has been discovered in the Arm Mali GPU driver, posing a significant threat to devices with newer Mali GPUs […]
How CISOs can defend against Scattered Spider ransomware attacks
The UK’s Marks & Spencer suffered a cyberattack in late April that damaged the high-end retailer’s operations and is expected to cost the company over […]
How Google Meet Pages Are Exploited to Deliver PowerShell Malware
A new wave of cyberattacks exploits user trust in Google Meet by deploying meticulously crafted fake meeting pages that trick victims into running malicious PowerShell […]
Critical GitHub MCP Server Vulnerability Allows Unauthorized Access to Private Repositories
A critical vulnerability in the widely-used GitHub MCP integration, boasting over 14,000 stars on GitHub, has been uncovered by Invariant Labs, posing a severe risk […]
Diese Social-Engineering-Trends sollten Sie kennen
Beim Social Engineering nutzen Cyberkriminelle menschliches Verhalten für ihre Zwecke aus. Dabei lassen sich folgende Trends beobachten. Agor2012 – shutterstock.com Anstatt auf fortschrittliche Tools oder […]
Threat Actors Deploy Database Client Tools on Targeted Systems to Exfiltrate Sensitive Data
Cybersecurity experts have noted an increase in data breaches where threat actors are directly querying internal databases to steal sensitive information. Unlike traditional malware-based attacks, […]
60 Malicious npm Packages Exfiltrate Hostnames, IP Addresses, and DNS Server Details
A Socket’s Threat Research Team has revealed a sophisticated and ongoing campaign targeting the npm ecosystem, involving 60 malicious packages published under three distinct accounts: […]
Katz Stealer Targets Chrome, Edge, Brave, and Firefox to Steal Login Credentials
Katz Stealer has emerged as a potent credential-stealing malware-as-a-service, targeting popular web browsers such as Chrome, Edge, Brave, and Firefox. This multi-feature stealer conducts extensive […]
Fake DigiYatra Apps Target Indian Users to Steal Financial Data
Threat actors have been exploiting the trust in India’s digital public infrastructure by setting up a deceptive phishing site, digiyatra[.]in, impersonating the DigiYatra Foundation. This […]