Category: Information Security

Vcurms RAT: New Attack Targets Java Systems

Fortinet’s FortiGuard Labs has unearthed a grave cyber threat dubbed Vcurms RAT, crafted by malefactors who employ email as a command-and-control center and utilize public services such as AWS and GitHub for harboring malicious...

GhostRace: New Attack Bypasses OS Security

A new threat, codenamed GhostRace (CVE-2024-2193), has been identified by research teams from the Vrije Universiteit Amsterdam and IBM Research Europe. This vulnerability compromises the foundational security tools of operating systems and may result...

BIPClip Malware: A New Threat to Crypto Developers

Recently, the Python Package Index (PyPI) repository uncovered seven packages engineered for the theft of BIP39 mnemonic phrases, which are utilized for the restoration of private keys in cryptocurrency wallets. This operation, dubbed BIPClip...

Exposed: 12.8 Million Credentials Leaked on GitHub

In 2023, GitHub users inadvertently disclosed approximately 12.8 million credentials and other confidential secrets across more than 3 million public repositories. Cybersecurity experts at GitGuardian, upon investigating this issue, dispatched 1.8 million cautionary emails...

CVE-2024-1403: The Threat to Progress Software Users

In the realm of cybersecurity, a critical vulnerability has been discovered affecting Progress Software products, specifically the OpenEdge Authentication Gateway and AdminServer. This flaw poses a significant threat to authentication mechanisms, potentially allowing malefactors...

French Government Websites Crippled in DDoS Attack

Several French governmental organizations have experienced cyberattacks of unprecedented intensity, as reported by the country’s Prime Minister’s office on March 11th. These attacks commenced on the evening of March 10th, and while their exact...

BianLian Exploits TeamCity Flaws for Ransomware

GuidePoint Security, a cybersecurity firm, has uncovered that the BianLian group is exploiting vulnerabilities in the JetBrains TeamCity software to carry out ransomware attacks. Experts have documented a sequence of attacks initiated through the...

Moxa NPort Bug: Remote Code Execution Possible

Moxa expressed its gratitude to the experts at Positive Technologies for identifying a dangerous vulnerability in the NPort series of wireless industrial converters. Classified as CVE-2024-1220, this vulnerability was rated as high risk with...