SocGholish Malware Hijacks BOINC Platform: A New Frontier in Cyberattacks
In a troubling development, the SocGholish malware, also known as FakeUpdates, has been found to deploy a remote access trojan […]
Alert
Critical Vulnerability in Cisco Smart Software Manager On-Prem: CVE-2024-34102
Cisco has recently addressed a significant security flaw in its Smart Software Manager On-Prem (Cisco SSM On-Prem), releasing patches to
BeaverTail Reborn: North Korean Hackers Update Malware to Target macOS Users
In the ever-evolving landscape of cybersecurity threats, North Korean hackers have once again demonstrated their ingenuity by updating the notorious
Critical Remote Code Execution Vulnerability in GeoServer Actively Exploited, CISA Issues Urgent Warning
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a critical security flaw impacting OSGeo GeoServer GeoTools to its
AT&T Data Breach Exposes Millions of Wireless Customers’ Call and Text Records
In a significant security lapse, American telecom giant AT&T has disclosed that cybercriminals have managed to breach its systems, impacting
Palo Alto Networks Releases Patches for Critical Expedition Tool Vulnerability and RADIUS Protocol Flaw
Palo Alto Networks has issued security updates to fix five significant vulnerabilities across its products, including a critical flaw in
Not Again! Another OpenSSH Vulnerability Discovered with Potential RCE (CVE-2024-6409)
Another vulnerability discovered in select versions of the OpenSSH secure networking suite poses a significant threat, potentially enabling remote code
Emerging APT Group “CloudSorcerer” Utilizes Cloud Services to Target Russian Government Entities
In the ever-evolving landscape of cybersecurity threats, a newly identified advanced persistent threat (APT) group known as CloudSorcerer has emerged,
Massive Polyfill[.]io Supply Chain Attack Affects Over 380,000 Hosts, Including Major Corporations
In a recent cybersecurity incident, the widely-used JavaScript library Polyfill[.]io has been compromised, affecting over 380,000 hosts, according to new
Alert: Remote Code Execution and DoS in Rockwell Automation Systems PanelView Plus
Recently Microsoft has disclosed two critical security flaws in Rockwell Automation’s PanelView Plus that can be exploited by remote, unauthenticated
Twilio’s Authy Breach: A Wake-Up Call for Cybersecurity in 2FA Apps
In a concerning development for cybersecurity enthusiasts and users alike, Twilio has revealed a breach in its Authy app, a
FakeBat Loader Malware: The Rising Threat of Drive-by Download Attacks
In the rapidly evolving landscape of cybersecurity threats, the loader-as-a-service (LaaS) model known as FakeBat has emerged as one of
Uncovering ‘Indirector’: A New Vulnerability Exposing Sensitive Data in Intel CPUs
Intel’s cutting-edge processors, including the Raptor Lake and Alder Lake series, have been found vulnerable to a novel side-channel attack
Critical CocoaPods Vulnerabilities Expose iOS and macOS Apps to Major Supply Chain Attacks
A significant security vulnerability has been unearthed in CocoaPods, a popular dependency manager used for Swift and Objective-C Cocoa projects.
New OpenSSH Vulnerability: Critical Risk of Remote Code Execution on Linux Systems
The cybersecurity community is once again on high alert following the recent disclosure of a critical vulnerability in OpenSSH, which