Cybersecurity researchers have discovered risky default identity and access management (IAM) roles impacting Amazon Web Services that could open the door for attackers to escalate […]
South Asian Ministries Hit by SideWinder APT Using Old Office Flaws and Custom Malware
High-level government institutions in Sri Lanka, Bangladesh, and Pakistan have emerged as the target of a new campaign orchestrated by a threat actor known as […]
Hackers Use Weaponized RAR Archives to Deliver Pure Malware in Targeted Attacks
Russian organizations have become prime targets of a sophisticated malware campaign deploying the Pure malware family, first identified in mid-2022. Distributed via a Malware-as-a-Service (MaaS) […]
CISA Includes MDaemon Email Server XSS Flaw in KEV Catalog
Cybersecurity and Infrastructure Security Agency (CISA) has added a cross-site scripting (XSS) vulnerability affecting MDaemon Email Server to its Known Exploited Vulnerabilities (KEV) Catalog on […]
Regeneron to Buy 23andMe for $256M Amid Growing Data Privacy Concerns
Biotechnology giant Regeneron Pharmaceuticals has emerged as the successful bidder in the bankruptcy auction for genetic testing pioneer 23andMe, offering $256 million for the majority […]
Hackers Abuse TikTok and Instagram APIs to Verify Stolen Account Credentials
Cybercriminals are leveraging the Python Package Index (PyPI) to distribute malicious tools designed to exploit TikTok and Instagram APIs for verifying stolen account credentials. Security […]
Novel Phishing Attack Combines AES With Poisoned npm Packages
Researchers discovered a phishing attack in the wild that takes multiple well-tread technologies like open source packages and AES encryption and combines them. ​The original […]
Critical VMware Cloud Foundation Vulnerability Exposes Sensitive Data
Broadcom’s VMware division has disclosed three significant security vulnerabilities in its Cloud Foundation platform that could allow attackers to gain unauthorized access to sensitive information […]
Security Flaw in WordPress Plugin Puts 22,000 Websites at Risk of Cyber Attacks
Critical security vulnerability has been discovered in Motors, a popular WordPress theme with over 22,000 sales, potentially exposing thousands of websites to complete takeover. Security […]
Skitnet malware: The new ransomware favorite
Ransomware operators are now actively using a modular malware, Skitnet, sold on underground forums including RAMP since April 2024. According to cybersecurity firm Prodaft, the […]