Conor Fitzpatrick, a 21-year-old New York resident known online as “Pompompurin,” previously the administrator of BreachForums, has been sentenced to 15 years in prison. Fitzpatrick was arrested by the FBI in March 2023...
Pegasus is considered one of the most powerful spyware programs available today, with a far more comprehensive data-stealing capability than other spyware programs, including the ability to collect information on everything from high-value data...
A team of researchers from the Polish company STM Cyber uncovered serious vulnerabilities in payment terminals manufactured by the Chinese firm PAX. These vulnerabilities enable cybercriminals to execute arbitrary code on PoS terminals. The...
According to a recent study by Zimperium, 29 malware families have targeted 1,800 banking apps in 61 countries in 2023. This is nearly 3 times more than in 2022 when 10 malware families targeted...
The Beijing-based company Qianxin Xlabs has issued a warning that since 2015, the hacker group Bigpanzi has been infecting Android TVs and eCos set-top boxes with malware across the globe. It is believed that...
Recently, GitHub rectified a vulnerability, CVE-2024-0200, in its Enterprise Server. This flaw, associated with Unsafe Reflection, permitted malefactors to execute remote code on unprotected servers. It granted access to the environment variables of production...
Specialists at Kaspersky Lab have shared their experience in analyzing iOS devices infected with the Pegasus spyware developed by the Israeli company NSO Group. It was found that malicious software leaves traces in the...
The development of artificial intelligence systems is gaining momentum. An increasing number of companies are turning to Graphics Processing Units (GPUs) for the essential computational power needed to operate large language models and swiftly...
Researchers from the French company Quarkslab have discovered a multitude of serious vulnerabilities in Tianocore EDK II, an open implementation of the UEFI specification, which could be exploited for remote code execution. Nine vulnerabilities,...
Malicious actors exploit vulnerabilities, known for several years, to deploy the Androxgh0st malware and create a botnet aimed at stealing cloud-based credentials. This has been reported by the Federal Bureau of Investigation (FBI) and...
Citrix emphatically advises its users to promptly install patches on Netscaler ADC and Netscaler Gateway devices connected to the internet, to avert attacks associated with two newly exploited zero-day vulnerabilities. These security flaws, designated...
Cybersecurity researchers have discovered a new macOS backdoor called SpectralBlur. Notably, this backdoor has similarities to the KandyKorn malware family used by North Korean hackers in recently identified cyberattacks. The SpectralBlur malware was originally...
Cybersecurity firm Bishop Fox has discovered that over 178,000 SonicWall next-generation firewalls (NGFW) with management interfaces accessible online are vulnerable to Denial of Service (DoS) attacks and Remote Code Execution (RCE). The devices...
Earlier this month, we discussed the zero-day vulnerabilities in Ivanti products. A recent analysis by Mandiant revealed that attackers employed five distinct malware families in their assaults, including Zipline, Thinspool Dropper, Wirefire, Lightwire, and...
A recently discovered vulnerability in Windows SmartScreen is being actively exploited in attacks that lead to infection with the new Phemedrone stealer, warns Trend Micro. The vulnerability, CVE-2023-36025, scored 8.8 on the CVSS...
Security specialists at Sucuri have discovered a new campaign by Balada Injector, initiated in mid-December 2023. This campaign has led to the infection of over 6700 WordPress sites using a vulnerable version of the...