Recently, cybersecurity experts successfully thwarted an attempt to hack a project on the OpenJS platform, which bears a striking resemblance to a recent incident involving a backdoor in the XZ Utils compression utility. On...
A team of cybersecurity experts has detected a resurgence of a cyberespionage campaign targeting users in South Asia. The objective of these attacks is to deploy a new version of the malicious software LightSpy,...
Yubico, the developer of the widely-used YubiKey authentication devices, has alerted Windows users to a significant vulnerability in its software. According to the company’s official statement, this vulnerability could lead to elevated privileges on...
Approximately six years ago, vulnerabilities were discovered that affected the majority of Intel and AMD processors. Known as Spectre and Meltdown, these flaws could be exploited to steal sensitive data from compromised systems. In...
Nexperia, a prominent Dutch semiconductor manufacturer under the management of the Chinese company Wingtech, recently experienced a serious cyberattack. According to an official statement from the company, unauthorized access to its information systems was...
In a collaborative operation that began in 2020, the Australian Federal Police (AFP) and the Federal Bureau of Investigation (FBI) have arrested two individuals suspected of developing and distributing the malicious software initially named...
Recently, details emerged about a new cyberattack tool developed by the Iranian hacker group MuddyWater, also known as Boggy Serpens, Mango Sandstorm, and TA450. Affiliated with Iran’s Ministry of Intelligence and Security, this cybercriminal...
Last Friday, April 12, we discussed a new vulnerability in the PAN-OS operating system, used in Palo Alto Networks’ network gateways. At that time, the company acknowledged that the vulnerability, designated CVE-2024-3400, had been...
Six years ago, a vulnerability was discovered in the Lighttpd web server, which is used in server board management controllers. It was promptly rectified; however, products from many major manufacturers, including Intel and Lenovo,...
ESET reports on a new malicious campaign targeting users in South Asia, initiated in November 2021 and disseminating malware through specialized websites and the Google Play Store. The infected applications, while providing legitimate functionalities,...
In March 2024, cybercriminals launched an attack on dozens of organizations in Germany using a PowerShell script, presumably developed with the aid of artificial intelligence. The campaign involved the distribution of the infostealer Rhadamanthys....
In a recent series of cyberattacks, an unidentified group of hackers infiltrated the systems of two key Israeli ministries—the Ministry of Defense and the Ministry of Justice—raising alarms at the highest levels of national...
Researchers have uncovered a new large-scale attack utilizing the malicious Raspberry Robin software. Since March 2024, cybercriminals have actively been distributing it through modified Windows Script Files (WSF). As noted by HP Wolf Security...
Cybersecurity specialists have uncovered a sophisticated multi-stage attack employing phishing messages themed around invoices to disseminate various types of malicious software, including Venom RAT, Remcos RAT, XWorm, NanoCore RAT, and different info stealers targeting...
Researchers at the University of Amsterdam have uncovered a novel attack methodology, Native BHI, that enables hackers to access data stored in the Linux kernel’s memory on computers equipped with Intel processors. This method...
Recently, researchers at Malwarebytes have observed an ongoing wave of cyber attacks targeted at system administrators via fraudulent advertisements for PuTTY and FileZilla utilities. These advertisements appear as sponsored results in the Google search...
