A critical vulnerability in SSL.com’s domain validation process allowed unauthorized parties to fraudulently obtain TLS certificates for high-profile domains, including Alibaba Cloud’s aliyun.com, researchers revealed this […]
Author: cyberbytes
WordPress Ad-Fraud Plugins Trigger Massive 1.4 Billion Daily Ad Requests
Cybersecurity researchers have uncovered a sprawling ad-fraud operation exploiting WordPress plugins to trigger over 1.4 billion fraudulent ad requests every day. Dubbed “Scallywag,” this scheme […]
Critical Flaw in Windows Update Stack Enables Code Execution and Privilege Escalation
A newly discovered vulnerability in the Windows Update Stack, tracked as CVE-2025-21204, has sent shockwaves through the cybersecurity community after researchers revealed it could enable […]
MITRE Unveils D3FEND CAD Tool to Model Advanced Cybersecurity Scenarios
MITRE has officially launched D3FEND CAD, an innovative tool designed to revolutionize how organizations model, analyze, and defend against sophisticated cyber threats. D3FEND CAD is […]
HPE Performance Cluster Manager Vulnerability Enables Unauthorized Access
Hewlett Packard Enterprise (HPE) has disclosed a severe security flaw in its Performance Cluster Manager (HPCM) software that could allow attackers to bypass authentication and […]
Lotus Panda Hacks SE Asian Governments With Browser Stealers and Sideloaded Malware
The China-linked cyber espionage group tracked as Lotus Panda has been attributed to a campaign that compromised multiple organizations in an unnamed Southeast Asian country […]
Whistleblower: DOGE Siphoned NLRB Case Data
A security architect with the National Labor Relations Board (NLRB) alleges that employees from Elon Musk‘s Department of Government Efficiency (DOGE) transferred gigabytes of sensitive […]
‘Fog’ Hackers Troll Victims With DOGE Ransom Notes
Since January, threat actors distributing the malware have notched up more than 100 victims. The original article found on darkreading Read More
‘Elusive Comet’ Attackers Use Zoom to Swindle Victims
The threat actor uses sophisticated social engineering techniques to infect a victim’s device, either with an infostealer or remote access Trojan (RAT). The original article […]
Nation-State Threats Put SMBs in Their Sights
Cyberthreat groups increasingly see small and medium-sized businesses, especially those with links to larger businesses, as the weak link in the supply chain for software […]