Node.js Users Beware: Manifest Confusion Attack Opens Door to Malware
The npm registry for the Node.js JavaScript runtime environment is susceptible to what's called a manifest confusion attack that could...
News
Alert: 330,000 FortiGate Firewalls Still Unpatched to CVE-2023-27997 RCE Flaw
No less than 330,000 FortiGate firewalls are still unpatched and vulnerable to CVE-2023-27997, a critical security flaw affecting Fortinet devices...
Mexico-Based Hacker Targets Global Banks with Android Malware
An e-crime actor of Mexican provenance has been linked to an Android mobile malware campaign targeting financial institutions globally, but...
Swedish Data Protection Authority Warns Companies Against Google Analytics Use
The Swedish data protection watchdog has warned companies against using Google Analytics due to risks posed by U.S. government surveillance,...
DDoSia Attack Tool Evolves with Encryption, Targeting Multiple Sectors
The threat actors behind the DDoSia attack tool have come up with a new version that incorporates a new mechanism...
3 Reasons SaaS Security is the Imperative First Step to Ensuring Secure AI Usage
In today's fast-paced digital landscape, the widespread adoption of AI (Artificial Intelligence) tools is transforming the way organizations operate. From...
Chinese Hackers Use HTML Smuggling to Infiltrate European Ministries with PlugX
A Chinese nation-state group has been observed targeting Foreign Affairs ministries and embassies in Europe using HTML smuggling techniques to...
3 Reasons SaaS Security is the Imperative First Step to Ensuring Secure AI Usage
In today's fast-paced digital landscape, the widespread adoption of AI (Artificial Intelligence) tools is transforming the way organizations operate. From...
Evasive Meduza Stealer Targets 19 Password Managers and 76 Crypto Wallets
In yet another sign of a lucrative crimeware-as-a-service (CaaS) ecosystem, cybersecurity researchers have discovered a new Windows-based information stealer called...
WhatsApp Upgrades Proxy Feature Against Internet Shutdowns
Meta's WhatsApp has rolled out updates to its proxy feature, allowing more flexibility in the kind of content that can...
Improve Your Security WordPress Spam Protection With CleanTalk Anti-Spam
Every website owner or webmaster grapples with the issue of spam on their website forms. The volume of spam can...
CISA Flags 8 Actively Exploited Flaws in Samsung and D-Link Devices
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has placed a set of eight flaws to the Known Exploited Vulnerabilities...
BlackCat Operators Distributing Ransomware Disguised as WinSCP via Malvertising
Threat actors associated with the BlackCat ransomware have been observed employing malvertising tricks to distribute rogue installers of the WinSCP...
Twitter’s bot spam keeps getting worse — it’s about porn this time
Forget crypto spam accounts, Twitter's got another problem which involves bots and accounts promoting adult content and infiltrating Direct Messages and...
Snappy: A tool to detect rogue WiFi access points on open networks
Cybersecurity researchers have released a new tool called 'Snappy' that can help detect fake or rogue WiFi access points that...
US-CERT Vulnerability Summary for the Week of June 19, 2023
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and...
BlackCat ransomware pushes Cobalt Strike via WinSCP search ads
Image: Bing Create The BlackCat ransomware group (aka ALPHV) is running malvertizing campaigns to lure people into fake pages that...
US-CERT Vulnerability Summary for the Week of June 19, 2023
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and...
Beware: New ‘Rustbucket’ Malware Variant Targeting macOS Users
Researchers have pulled back the curtain on an updated version of an Apple macOS malware called Rustbucket that comes with...
Iranian Hackers Using POWERSTAR Backdoor in Targeted Espionage Attacks
Charming Kitten, the nation-state actor affiliated with Iran's Islamic Revolutionary Guard Corps (IRGC), has been attributed to a bespoke spear-phishing...
Hackers Exploiting Unpatched WordPress Plugin Flaw to Create Secret Admin Accounts
As many as 200,000 WordPress websites are at risk of ongoing attacks exploiting a critical unpatched security vulnerability in the...
3 Reasons SaaS Security is the Imperative First Step to Ensuring Secure AI Usage
In today's fast-paced digital landscape, the widespread adoption of AI (Artificial Intelligence) tools is transforming the way organizations operate. From...
TSMC denies LockBit hack as ransomware gang demands $70 million
Chipmaking giant TSMC (Taiwan Semiconductor Manufacturing Company) denied being hacked after the LockBit ransomware gang demanded $70 million not to...
The Week in Ransomware – June 30th 2023 – Mistaken Identity
A case of mistaken identity and further MOVEit Transfer data breaches continue dominated the ransomware news cycle this week. This...
