Google Chrome Use-After-Free Vulnerability Leads to Browser Crash

Google Chrome Stable Channel Update for Desktop version 119.0.6.45.159 for Mac and Linux and 119.0.6045.159/.160 for Windows has been releas...
Read More

Kubernetes Windows Nodes Vulnerability Let Attacks Gain Admin Privileges

As previously reported, three high-severity vulnerabilities in Kubernetes existed in Ingress controllers for NGINX. In addition to this, ano...
Read More

Russian Hackers Linked to 'Largest Ever Cyber Attack' on Danish Critical Infrastructure

Russian threat actors have been possibly linked to what's been described as the "largest cyber attack against Danish critical infra...
Read More

New PoC Exploit for Apache ActiveMQ Flaw Could Let Attackers Fly Under the Radar

Cybersecurity researchers have demonstrated a new technique that exploits a critical security flaw in Apache ActiveMQ to achieve arbitrary c...
Read More

WP Fastest Cache Plugin Exposes Over 600K+ WordPress Sites to SQL Injection Attacks

In a recent development, the WPScan team has unearthed a significant security flaw within the widely-used WP Fastest Cache plugin.  This vul...
Read More

Hackers Deliver Weaponized LNK Files Through Legitimate Websites

LNK files are shortcut files in Windows that link to a program or file. Hackers may exploit LNK files to deliver malicious payloads by disgu...
Read More

Three Ways Varonis Helps You Fight Insider Threats

What do basketball teams, government agencies, and car manufacturers have in common? Each one has been breached, having confidential, propr...
Read More

CacheWarp Attack: New Vulnerability in AMD SEV Exposes Encrypted VMs

A group of academics has disclosed a new "software fault attack" on AMD's Secure Encrypted Virtualization (SEV) technology tha...
Read More

Ransomedvc to Shutdown Operations, Selling Out Infrastructure

Ransomed[.]vc, a notorious ransomware and data extortion group, has recently announced the end of its operations and the auction of its enti...
Read More

CI/CD Risks: Protecting Your Software Development Pipelines

Have you heard about Dependabot? If not, just ask any developer around you, and they'll likely rave about how it has revolutionized the ...
Read More

New Campaign Targets Middle East Governments with IronWind Malware

Government entities in the Middle East are the target of new phishing campaigns that are designed to deliver a new initial access downloader...
Read More

Vietnamese Hackers Using New Delphi-Powered Malware to Target Indian Marketers

The Vietnamese threat actors behind the Ducktail stealer malware have been linked to a new campaign that ran between March and early October...
Read More

CISA Sets a Deadline - Patch Juniper Junos OS Flaws Before November 17

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has given a November 17, 2023, deadline for federal agencies and organizati...
Read More

BiBi Wiper Attacking Windows Machine to Cause Data Destruction

The ongoing conflict between Israel and Hamas has taken a new turn as cyberattacks have become a prominent weapon for both sides. A new wipe...
Read More

New Ransomware Group Emerges with Hive's Source Code and Infrastructure

The threat actors behind a new ransomware group called Hunters International have acquired the source code and infrastructure from the now-d...
Read More

Top 5 Marketing Tech SaaS Security Challenges

Effective marketing operations today are driven by the use of Software-as-a-Service (SaaS) applications. Marketing apps such as Salesforce, ...
Read More

New BiBi-Windows Wiper Targets Windows Systems in Pro-Hamas Attacks

Cybersecurity researchers have warned about a Windows version of a wiper malware that was previously observed targeting Linux systems in cyb...
Read More

Best Security Solutions for Marketers – 2024

Marketers play an essential role in today’s market by bridging the gap between the consumer and the organization or product. In the process ...
Read More

How Network Detection & Response (NDR) Technology is Used Against Cyber Threats

NDR solutions are becoming indispensable for many organizations in their security architecture due to how they handle threats. They are proa...
Read More

Microsoft Warns of Fake Skills Assessment Portals Targeting IT Job Seekers

A sub-cluster within the infamous Lazarus Group has established new infrastructure that impersonates skills assessment portals as part of it...
Read More

Batloader: A Batch File That Delivers Several Different Types of Malware

Several malware families have been delivered to victims through various stages of the attack. One of the common methods for delivering ranso...
Read More

Burp Suite 2023.10.3.4 Released for Professional & Community – What’s New!

Burp Suite 2023.10.3.4 was just published by PortSwigger and is aimed at ethical hackers and security experts with updated features. Burp Su...
Read More

Marina Bay Sands Hacked: 665,000+ Members Personal Data Exposed

In a startling revelation, Marina Bay Sands, Singapore’s renowned architectural marvel and a coveted global tourist destination, has fallen ...
Read More

Russian Hackers Sandworm Cause Power Outage in Ukraine Amidst Missile Strikes

The notorious Russian hackers known as Sandworm targeted an electrical substation in Ukraine last year, causing a brief power outage in Octo...
Read More

Multiple Videolan VLC Player Flaws Leads to Memory Corruption: Update Now!

Recently, two significant vulnerabilities related to memory corruption have been uncovered in the popular VLC media player. These vulnerabil...
Read More

Hackers Weaponize PDF Files to Deliver Multiple Ransomware Variants

PDF files are commonly used for their versatility, making them a prime target for malware delivery because they can embed malicious scripts ...
Read More

Chinese Hackers Expanding Cyber Capabilities to Exploit Zero-Day Vulnerabilities

State-sponsored hackers or threat actors and their cyber operations are evolving at an alarming pace, leveraging advanced techniques and con...
Read More

ChatGPT-Powered Malware Attacking Cloud Platforms to Steal Login Credentials

Threat actors can potentially exploit ChatGPT to generate convincing phishing emails or deceptive content encouraging users to download malw...
Read More

Top 6 Cyber Incident Response Plans – 2024

It is getting better and better that modern security tools can protect companies’ networks and endpoints from hackers. But sometimes, bad pe...
Read More

What is Crowdsourced Threat Intelligence?

Threat intelligence is essential for cybersecurity, as it provides organizations with a clear view of the current threat landscape and enabl...
Read More

Guide: How vCISOs, MSPs and MSSPs Can Keep their Customers Safe from Gen AI Risks

Download the free guide, "It's a Generative AI World: How vCISOs, MSPs and MSSPs Can Keep their Customers Safe from Gen AI Risks....
Read More

NODLINK – First-ever Online System for APT Attack Detection

Researchers point out that APTs (Advanced Persistent Threats) cause financial harm to organizations. For APT modeling, provenance graphs may...
Read More

Experts Expose Farnetwork's Ransomware-as-a-Service Business Model

Cybersecurity researchers have unmasked a prolific threat actor known as farnetwork, who has been linked to five different ransomware-as-a-s...
Read More

Offensive and Defensive AI: Let’s Chat(GPT) About It

ChatGPT: Productivity tool, great for writing poems, and… a security risk?! In this article, we show how threat actors can exploit ChatGPT, ...
Read More

SideCopy Exploiting WinRAR Flaw in Attacks Targeting Indian Government Entities

The Pakistan-linked threat actor known as SideCopy has been observed leveraging the recent WinRAR security vulnerability in its attacks targ...
Read More

Experts Warn of Ransomware Hackers Exploiting Atlassian and Apache Flaws

Multiple ransomware groups have begun to actively exploit recently disclosed flaws in Atlassian Confluence and Apache ActiveMQ. Cybersecuri...
Read More

QNAP Releases Patch for 2 Critical Flaws Threatening Your NAS Devices

QNAP has released security updates to address two critical security flaws impacting its operating system that could result in arbitrary code...
Read More

SecuriDropper: New Android Dropper-as-a-Service Bypasses Google's Defenses

Cybersecurity researchers have shed light on a new dropper-as-a-service (DaaS) for Android called SecuriDropper that bypasses new security r...
Read More

Iranian Hackers Launches Destructive Cyberattacks on Israeli Tech and Education Sectors

Israeli higher education and tech sectors have been targeted as part of a series of destructive cyber attacks that commenced in January 2023...
Read More

Google Warns How Hackers Could Abuse Calendar Service as a Covert C2 Channel

Google is warning of multiple threat actors sharing a public proof-of-concept (PoC) exploit that leverages its Calendar service to host comm...
Read More

Information Security Magazine

Latest Cyber Hacking News