A new ransomware variant known as “Ghost” (also referred to as Cring) has emerged as a significant danger. Since its first appearance in 2021, the […]
Chinese Hackers Leverage Reverse SSH Tool in New Wave of Attacks on Organizations
The Chinese hacker group known as Billbug, or Lotus Blossom,…
RDP and MS Office Vulnerabilities Abused by Kimusky in Targeted Intrusions
The AhnLab SEcurity intelligence Center (ASEC) has released a detailed…
New Obfuscation Trick Lets Attackers Evade Antivirus and EDR Tools
Researchers have unveiled a sophisticated new technique that allows attackers…
Linux 6.15-rc3 Released With Key Kernel Bug Fixes
Linus Torvalds announced the release of Linux 6.15-rc3, delivering a…
Hackers Abuse Zoom’s Remote Control to Access Users’ Computers
A newly uncovered hacking campaign is targeting business leaders and…
Chinese Smishing Kit Powers Widespread Toll Fraud Campaign Targeting U.S. Users in 8 States
Cybersecurity researchers are warning of a "widespread and ongoing" SMS phishing campaign that's been targeting toll road users in the United States for financial theft since mid-October 2024. "The toll road smishing attacks are being carried out by multiple financially motivated threat actors using the smishing kit developed by 'Wang Duo Yu,'" Cisco Talos researchers Azim Khodjibaev, Chetan The original article found on The Hacker News Read More
Chinese Hackers Leverage Reverse SSH Tool in New Wave of Attacks on Organizations
The Chinese hacker group known as Billbug, or Lotus Blossom,…
New Obfuscation Trick Lets Attackers Evade Antivirus and EDR Tools
Researchers have unveiled a sophisticated new technique that allows attackers…
RDP and MS Office Vulnerabilities Abused by Kimusky in Targeted Intrusions
The AhnLab SEcurity intelligence Center (ASEC) has released a detailed…
Linux 6.15-rc3 Released With Key Kernel Bug Fixes
Linus Torvalds announced the release of Linux 6.15-rc3, delivering a…
Hackers Abuse Russian Bulletproof Host Proton66 for Global Attacks and Malware Delivery
Cybersecurity researchers have disclosed a surge in "mass scanning, credential…
Two Hackers Arrested For ATM Jackpotting by Deploying Malware
Federal prosecutors unsealed criminal complaints today against David Jose Gomez…
43% of Top 100 Enterprise Mobile Apps Expose Sensitive Data to Hackers
A comprehensive study by zLabs, the research team at Zimperium,…
Microsoft Warns of ClickFix Phishing Campaign Targeting Hospitality Sector via Fake Booking[.]com Emails
Microsoft has shed light on an ongoing phishing campaign that…
EncryptHub Exploits Windows Zero-Day to Deploy Rhadamanthys and StealC Malware
The threat actor known as EncryptHub exploited a recently-patched security…
Gain Legends International Suffers Security Breach – Customers Data Stolen
Gain Legends International, a prominent name in sports, entertainment, and…
China Plans Expanded Cybersecurity Cooperation with Russia
China has announced a significant step forward in its partnership with Russia, with plans to expand their cooperation in the field of cybersecurity. In an […]
Blockchain Offers Security Benefits – But Don’t Neglect Your Passwords
Blockchain is best known for its use in cryptocurrencies like Bitcoin, but it also holds significant applications for online authentication. As businesses in varying sectors […]
Critical Erlang/OTP SSH Vulnerability Allow Hackers Execute Arbitrary Code Remotely
A major security flaw has been uncovered in the widely used Erlang/OTP SSH implementation, drawing urgent attention from the cybersecurity community worldwide. The vulnerability, tracked […]
Harvest Ransomware Attack: Stolen Data Now Publicly Disclosed
French fintech leader Harvest SAS has become the latest high-profile victim of a sophisticated ransomware attack, culminating this week in the public release of a trove of […]
Node.js Malware Campaign Targets Crypto Users with Fake Binance and TradingView Installers
Microsoft is calling attention to an ongoing malvertising campaign that makes use of Node.js to deliver malicious payloads capable of information theft and data exfiltration. […]
Critical Erlang/OTP SSH Vulnerability (CVSS 10.0) Allows Unauthenticated Code Execution
A critical security vulnerability has been disclosed in the Erlang/Open Telecom Platform (OTP) SSH implementation that could permit an attacker to execute arbitrary code sans […]
Chinese Hacker Group Mustang Panda Bypass EDR Detection With New Hacking Tools
The China-sponsored hacking group, Mustang Panda, has been uncovered by Zscaler ThreatLabz to employ new techniques and tools, including the updated backdoor ToneShell and a […]
CISA Warns of Potential Credential Exploits Linked to Oracle Cloud Hack
The Cybersecurity and Infrastructure Security Agency (CISA) has issued a public warning following reports of possible unauthorized access to a legacy Oracle Cloud environment. While […]
Critical Flaw in PHP’s extract() Function Enables Arbitrary Code Execution
A critical vulnerability in PHP’s extract() function has been uncovered, enabling attackers to execute arbitrary code by exploiting memory corruption flaws. The issue affects PHP versions 5.x, […]