Security researchers at Horizon3 have disclosed a Proof-of-Concept (PoC) exploit for a critical vulnerability in Fortinet’s FortiClient EMS, which is currently being actively exploited by hackers. The SQL injection vulnerability, CVE-2023-48788 (with a CVSS...
Annually in August, thousands of cybersecurity professionals gather in Las Vegas for an event often dubbed the “hackers’ summer camp.” This period marks the convening of two of the largest information security conferences: Black...
The cybercrime collective known as UNC4210 orchestrated an assault on the digital infrastructure of a European non-governmental organization, deploying the malign software TinyTurla-NG to establish a backdoor. This cyberattack was meticulously documented in a...
In a recent report by Unit 42 researchers from Palo Alto Networks, a new series of phishing attacks aimed at disseminating malicious software named StrelaStealer has been identified. This threat has impacted over 100...
Researchers have uncovered a grave vulnerability within the microarchitecture of Apple’s M-series chips, enabling malefactors to extract secret keys from Mac devices, encompassing both computers and laptops. The crux of the issue lies in...
In the context of an international operation led by Germany, the activity of the popular overseas illicit trading platform Nemesis was halted. Local police reported the seizure of the resource’s infrastructure and the shutdown...
Ivanti has issued a warning regarding a critical vulnerability in its Standalone Sentry product, which allows attackers to remotely execute arbitrary commands. Designated as CVE-2023-41724, this vulnerability has been rated at 9.6 on the...
U.S. authorities have expressed concerns regarding the actions of the Chinese hacking group Volt Typhoon, warning owners and operators of critical infrastructure about the necessity of defending against potential devastating cyber attacks. A new...
For not the first time, the popular Linux application store, Snap Store, operated by Canonical, has found itself harboring fraudulent cryptocurrency wallets masquerading as renowned brands. Previously, in February of this year, security researchers...
The Israeli cybersecurity firm Perception Point has unveiled details of a new phishing campaign targeting American organizations. The operation, code-named PhantomBlu, aims to infiltrate systems with the NetSupport RAT, a malicious version of the...
In Ukraine, authorities have apprehended three individuals suspected of hacking over 100 million emails and Instagram accounts worldwide. The culprits, aged between 20 and 40, employed specialized software to crack passwords through brute force...
In a recent report titled “The State of API Security in 2024” by Imperva, it was revealed that the majority of internet traffic, approximately 70%, is attributed to API calls. In 2023, an average...
Security researchers at SentinelLabs have uncovered a new variant of the wiper, AcidRain, meticulously engineered for assaults on Linux x86 devices. Dubbed AcidPour, this malicious entity manifests as a binary ELF file, tailored for...
The Biden administration has issued a stark warning regarding the risk of cyberattacks targeting the United States’ water supply systems, highlighting the continuous threats posed by hackers affiliated with the governments of Iran and...
Netskope Threat Labs has uncovered a new campaign leveraging Google Sites phishing pages to disseminate the info-stealer AZORult. This phishing endeavor is not yet attributed to any specific malefactor or group; it aims to...
Over the past weekend, an immense database containing more than 70 million records, purportedly stolen from the American telecommunications behemoth AT&T in 2021, was discovered on a cybercriminal forum. According to Dark Web Informer,...
