The Cybersecurity and Infrastructure Security Agency (CISA) has warned about an actively exploited zero-day vulnerability in Apple’s WebKit browser engine, tracked as CVE-2025-24201. This vulnerability, […]
New Rust-Based Botnet Hijacks Routers to Inject Remote Commands
A new malware named “RustoBot” has been discovered exploiting vulnerabilities…
Latest Lumma InfoStealer Variant Found Using Code Flow Obfuscation
Researchers have uncovered a sophisticated new variant of the notorious…
Magecart Launches New Attack Using Malicious JavaScript to Steal Credit Card Data
The notorious Magecart group has been identified by the Yarix…
Japan Sounds Alarm Over Hackers Draining Millions from Compromised Trading Accounts
Cybersecurity in Japan has hit a new low as the…
FBI Alerts Public to Scammers Posing as IC3 Officials in Fraud Scheme
The Federal Bureau of Investigation (FBI) has issued a warning…
Chinese Smishing Kit Powers Widespread Toll Fraud Campaign Targeting U.S. Users in 8 States
Cybersecurity researchers are warning of a "widespread and ongoing" SMS phishing campaign that's been targeting toll road users in the United States for financial theft since mid-October 2024. "The toll road smishing attacks are being carried out by multiple financially motivated threat actors using the smishing kit developed by 'Wang Duo Yu,'" Cisco Talos researchers Azim Khodjibaev, Chetan The original article found on The Hacker News Read More
FBI Alerts Public to Scammers Posing as IC3 Officials in Fraud Scheme
The Federal Bureau of Investigation (FBI) has issued a warning…
Japan Sounds Alarm Over Hackers Draining Millions from Compromised Trading Accounts
Cybersecurity in Japan has hit a new low as the…
Magecart Launches New Attack Using Malicious JavaScript to Steal Credit Card Data
The notorious Magecart group has been identified by the Yarix…
Latest Lumma InfoStealer Variant Found Using Code Flow Obfuscation
Researchers have uncovered a sophisticated new variant of the notorious…
New Rust-Based Botnet Hijacks Routers to Inject Remote Commands
A new malware named “RustoBot” has been discovered exploiting vulnerabilities…
OpenSSL 3.5.0 Released with Support for Post-Quantum Cryptography
The OpenSSL Project has officially released version 3.5.0 of its…
This Malicious PyPI Package Stole Ethereum Private Keys via Polygon RPC Transactions
Cybersecurity researchers have discovered a malicious Python package on the…
Binance Spoofers Compromise PCs in ‘TRUMP’ Crypto Scam
An email campaign luring users with offers of free President…
Patch Tuesday, April 2025 Edition
Microsoft today released updates to plug at least 121 security…
Android Phones Pre-Downloaded With Malware Target User Crypto Wallets
The threat actors lace pre-downloaded applications with malware to steal…
CISA Warns of Juniper Junos OS Improper Isolation Vulnerability Exploited in Wild
CISA has issued a warning regarding a newly discovered vulnerability affecting Juniper Networks’ Junos OS. The vulnerability, identified as CVE-2025-21590, involves an improper isolation or […]
Bitdefender Warns of Multiple Vulnerabilities That Let Attackers Execute MITM Attack
Bitdefender has disclosed two critical vulnerabilities affecting its BOX v1 device that could allow network-adjacent attackers to execute Man-in-the-Middle (MITM) attacks, potentially leading to remote […]
Mozilla Urging Users to Update Firefox, Else Add-ons Will Stop Working
Mozilla has issued an urgent warning to Firefox users worldwide, emphasizing the critical need to update their browsers before March 14, 2025, when a vital […]
2-year-old Windows Kernel 0-day Vulnerability Exploited in the Wild
Microsoft has patched a critical Windows Kernel vulnerability that has been actively exploited for nearly two years. The vulnerability, tracked as CVE-2025-24983, was included in […]
Apache NiFi Vulnerability Let Attackers Access MongoDB Username & Passwords
A significant security vulnerability has been identified in Apache NiFi, allowing potential attackers with specific access privileges to expose MongoDB authentication credentials. The vulnerability, tracked […]
DeepSeek Generating Fully Working Keyloggers & Data Exfiltration Tools
Security researchers at Unit 42 have successfully prompted DeepSeek, a relatively new large language model (LLM), to generate detailed instructions for creating keyloggers, data exfiltration […]
Siemens SINAMICS S200 Bootloader Vulnerability Let Attackers Compromise the Device
Siemens has disclosed a critical security vulnerability affecting specific SINAMICS S200 drive systems that could allow attackers to compromise devices by exploiting an unlocked bootloader. […]
Hackers Abuse Microsoft Copilot for Sophisticated Phishing Attack
As organizations increasingly integrate Microsoft Copilot into their daily workflows, cybercriminals have developed sophisticated phishing campaigns specifically targeting users of this AI-powered assistant. Microsoft Copilot, […]
86,000+ Healthcare Staff Records Exposed from Misconfigured AWS S3 Bucket
A significant data breach involving sensitive healthcare worker information has been discovered, exposing over 86,000 records belonging to ESHYFT, a New Jersey-based HealthTech company. Cybersecurity […]