The MalwareHunterTeam has reported that nearly 2,000 compromised WordPress sites are being used to display fraudulent pop-up ads offering NFT deals and cryptocurrency discounts. This campaign aims to deceitfully prompt visitors to connect their...
Experts at Palo Alto Networks have discovered that cybercriminals are increasingly resorting to so-called “scanning attacks,” initiated by malicious software, to detect vulnerabilities within target networks. Intriguingly, a significant majority of such attacks originate...
According to Trustwave SpiderLabs, Latin America has been hit by a new phishing campaign that infects Windows systems through emails. The attack begins with the distribution of emails containing a ZIP file attachment. Upon...
Over 16,500 Ivanti Connect Secure and Policy Secure gateways accessible via the Internet are at risk due to a high-severity vulnerability that enables remote code execution (RCE) and denial of service (DoS) attacks. The...
Cybersecurity experts are alerting to a new wave of attacks targeting Portuguese-speaking countries using fake Adobe Reader installers to disseminate a multifunctional malware known as Byakugan. The attack commences with a PDF file that,...
The Cybersecurity and Infrastructure Security Agency (CISA) along with several leading global organizations have issued a new warning about critical vulnerabilities in the products of IT giant Ivanti. According to experts, these issues, identified...
Hoya Corporation, one of the world’s largest manufacturers of eyeglass lenses, medical endoscopes, and other optical equipment, experienced a significant disruption in its IT systems, affecting the production capabilities and order system for some...
According to a recent report by Cisco Talos, since May 2023, Vietnamese hackers have been disseminating a new info-stealer aimed at acquiring financial data. The campaign, named CoralRaider, has targeted victims in India, China,...
Visa has issued a warning about the increased activity of a new version of the malicious software JsOutProx, targeting financial institutions and their clients. The campaign has affected institutions in South and Southeast Asia,...
Specialists from Proofpoint and Team Cymru have uncovered a novel malware dubbed Latrodectus, considered an evolution of the well-known IcedID loader, which has been actively deployed in phishing campaigns since November 2023. Initially identified...
The team behind the FixedFloat project has disclosed details of a second security breach of their platform, orchestrated by the same cybercriminals responsible for the February attack. On April 1st, malefactors exploited a vulnerability...
A new vulnerability in the HTTP/2 protocol could be exploited to execute Denial of Service (DoS) attacks. This discovery, dubbed “HTTP/2 CONTINUATION Flood,” was made by cybersecurity researcher Bartek Nowotarski, who reported the issue...
In the widely utilized WordPress plugin LayerSlider, which is employed on over a million websites to craft responsive sliders, image galleries, and animations, a critical vulnerability was recently identified that enables SQL injection without...
The banking trojan Mispadu, previously known for its attacks on Latin America and Spanish-speaking users, is now targeting residents of Italy, Poland, and Sweden. According to research by Morphisec, the campaign’s targets include representatives...
Google has remedied a critical vulnerability in the Chrome browser, identified during the Pwn2Own 2024 competition in Vancouver. The vulnerability, CVE-2024-3159, stems from an out-of-bounds read error in the JavaScript V8 engine, potentially allowing...
Jackson County, a Missouri jurisdiction home to over 715,000 residents, fell victim to a ransomware attack that disrupted its tax payment system and online services, including property registration, marriage license issuance, and inmate searches....