A new study by the University of Chicago has uncovered a vulnerability within the Meta Quest VR system that allows malefactors to hijack user devices, pilfer confidential information, and manipulate social interactions using generative...
GuidePoint Security, a cybersecurity firm, has uncovered that the BianLian group is exploiting vulnerabilities in the JetBrains TeamCity software to carry out ransomware attacks. Experts have documented a sequence of attacks initiated through the...
Moxa expressed its gratitude to the experts at Positive Technologies for identifying a dangerous vulnerability in the NPort series of wireless industrial converters. Classified as CVE-2024-1220, this vulnerability was rated as high risk with...
The group known as Magnet Goblin has been actively exploiting vulnerabilities in publicly accessible servers to deploy malware on Windows and Linux systems. This group focuses on exploiting 1-day vulnerabilities—security flaws that have been...
A critical vulnerability in Fortinet’s security systems has impacted approximately 150,000 devices worldwide. The vulnerability, CVE-2024-21762 (CVSS score: 9.8), is characterized as an out-of-bounds write issue in FortiOS, enabling an unauthenticated attacker to execute...
A report by the leading company Proofpoint has unveiled a sophisticated cyber fraud scheme orchestrated by the hacker group TA4903. This gang specializes in Business Email Compromise (BEC) attacks and has, over the past...
In recent times, cybercriminals have intensified their assaults on WordPress-based sites, employing a cunning method of infection. Sucuri, a company specializing in web security, has uncovered a new campaign aimed at script injection. Previously,...
Cybereason has identified a new malware variant named Snake, which proliferates through Facebook messages. This Python-written infostealer is designed to pilfer confidential user data. The stolen data are transmitted across various platforms, including Discord,...
Recently, cybersecurity experts worldwide have observed an uptick in hacker attacks targeting improperly configured cloud servers running on Apache Hadoop, Docker, Confluence, and Redis. In one of these recent attacks, malefactors deployed a novel...
The Canadian Financial Transactions and Reports Analysis Centre (FINTRAC) announced the shutdown of its corporate systems due to a cybersecurity incident. Details of the incident remain undisclosed; however, it is known that FINTRAC is...
ThreatMon, a cyber threat analysis platform, has reported the emergence of an advertisement on a notorious hacker forum offering a Zero Day exploit for WordPress for sale. The vendor claims that this exploit, implemented...
The international cybercriminal syndicate GhostSec, implicated in the creation and dissemination of ransomware named GhostLocker, is rapidly expanding the scope of its malevolent operations, encroaching upon an increasing number of countries. According to a...
A financial institution in Vietnam became the target of a previously unknown hacking collective, dubbed Lotus Bane. This group was identified by cybersecurity experts in March 2023, though it is believed to have been...
Specialists at FortiGuard Labs have uncovered a new threat to the financial sector in South America, specifically targeting Brazilian residents for bank credential theft. The banking trojan, dubbed CHAVECLOAK, is spread via an infected...
In a sophisticated cyberattack targeting a major corporation, malefactors employed the open-source QEMU hypervisor platform as a tool for creating a network tunnel. QEMU, a free emulator and hypervisor, facilitates the operation of various...
Apple has issued critical security updates to address two zero-day vulnerabilities in iOS, which have been exploited in real-world attacks against iPhone users. The company disclosed this information on March 5th in a separate...
