Threat actors have revived the sophisticated VIP keylogger malware, previously detailed in an earlier white paper for its use of spear-phishing and steganography to infiltrate […]
Attackers Can Use Browser Extensions to Inject AI Prompts
A proof-of-concept attack shows how threat actors can use a poisoned browser extension to inject malicious prompts into a generative AI tool. The original article […]
Critical Dahua Camera Flaws Enable Remote Hijack via ONVIF and File Upload Exploits
Cybersecurity researchers have disclosed now-patched critical security flaws in the firmware of Dahua smart cameras that, if left unaddressed, could allow attackers to hijack control […]
Apple Patches Multiple Vulnerabilities, Including Safari Vulnerability Abused in Chrome 0-Day Attacks
Apple has released a comprehensive set of security updates across its entire product ecosystem on July 29, 2025, addressing multiple vulnerabilities including a critical Safari […]
Microsoft SharePoint Server 0-Day Exploit Targets African Treasury, Companies, and University
A sophisticated zero-day exploit campaign targeting unpatched vulnerabilities in Microsoft SharePoint Server has compromised approximately 400 organizations worldwide, with potential for a far higher victim […]
Researchers Reveal North Korean Threat Actors’ Tactics for Uncovering Illicit Access
Cybersecurity researchers from Flashpoint have exposed the intricate tactics employed by North Korean threat actors to infiltrate global organizations through remote work vulnerabilities. These operatives, […]
Dropbox Passwords Service Ending: Export Your Vault Before Oct 28, 2025
Dropbox has announced the discontinuation of its Passwords service, giving users until October 28, 2025, to export their stored credentials before the feature is permanently […]
Ransomware upstart Gunra goes cross-platform with encryption upgrades
A new Linux variant of the “Gunra” ransomware family has been identified with highly configurable multithreading, allowing attackers to run up to 100 parallel encryptions. […]
Lazarus Group Enhances Malware with New OtterCookie Payload Delivery Technique
The Contagious Interview campaign conducted by the Lazarus Group continues to expand its capabilities. We have observed an exponential evolution in the delivery mechanisms for […]
Dobrindt prüft Einsatz von US-Software Palantir
Kann sich den Einsatz von Palantir vorstellen: Bundesinnenminister Dobrindt hotocosmos1 – shutterstock.com Bundesinnenminister Alexander Dobrindt (CSU) prüft den bundesweiten Einsatz der umstrittenen Analyse-Software des US-Unternehmens […]