In the shadowy world of cyber espionage, the Kimsuky threat group, believed to be backed by North Korea, stands out for its persistent and evolving tactics. Active since 2013, Kimsuky initially focused on South...
A software engineer from SkySafe, Mark Newlin, discovered a perilous vulnerability in Bluetooth, that existed since around 2012. This flaw enables malefactors to connect to Apple, Android, and Linux devices without authentication and execute...
Apache Struts, the popular open-source framework for building Java web applications, has been hit by a critical vulnerability (CVE-2023-50164) that could allow attackers to remotely execute code on vulnerable servers. This is a serious...
A critical vulnerability discovered in WordPress versions 6.4 and 6.4.1 could allow attackers to execute arbitrary PHP code on your website, potentially leading to complete site takeover. While not directly exploitable on its own,...
curl, a popular tool for transferring data from or to a server, has been found to harbor two vulnerabilities that could expose users to cookie hijacking and HSTS data loss. These vulnerabilities, collectively known...
In the ever-evolving world of cyber threats, a new era is upon us, characterized by the proliferation of DDoS-for-hire services. As a testament to their time-tested efficiency, Distributed Denial-of-Service (DDoS) attacks continue to be...
A critical Remote Code Execution (RCE) vulnerability, tracked as CVE-2023-22524 (CVSS score of 9.6), has been discovered in the Atlassian Companion App for MacOS. This vulnerability allows an attacker to execute arbitrary code on...
Attention all Confluence Data Center and Confluence Server users: A critical vulnerability, identified as CVE-2023-22522 (CVSS score of 9.0), has been discovered that allows remote code execution (RCE) on affected instances. This vulnerability poses...
In recent times, cybersecurity has become a paramount concern for organizations of all sizes, including government agencies. With the increasing sophistication of cyber threats, federal agencies must take proactive measures to protect their systems...
In the ever-shifting landscape of cybersecurity, TA422 (APT28), a Russian advanced persistent threat, has emerged as a formidable actor, engaging in consistent phishing activities targeting entities across Europe and North America. Proofpoint researchers have...
A critical vulnerability has been discovered in the administrative web interface of Atos Unify OpenScape products, leaving these systems vulnerable to unauthenticated access and unauthorized control. This alarming flaw, identified as CVE-2023-6269 and assigned...
In the realm of web development, HtmlUnit stands as a prominent open-source, headless web browser for Java. It empowers developers to seamlessly interact with web pages programmatically, making it a popular choice for web...
Check Point Research Report delves into the escalating activities of Iranian hacktivist groups. These groups initially focused on Israel, have now expanded their cyber frontlines, increasingly targeting entities in the United States and beyond....
Developer CelesteBlue has announced the creation of PsFree, a new web exploit for the PS4 with firmware versions ranging from 6.00 to 9.60. This exploit is already available for pre-release and is also expected...
The ransomware group ALPHV/BlackCat has claimed to have gained access to the data of companies Roblox and Twitch. This breach is reportedly a consequence of hacking Tipalti, a provider of accounting software solutions. ALPHV...
A North Korean hacking organization known as Andariel has been stealthily operating, wreaking havoc on South Korean defense firms and repatriating ill-gotten gains from ransomware attacks. Their audacious operations, recently uncovered by a joint...
