APIs Under Attack: $75 Billion Annual Cost
In a recent report titled “The State of API Security in 2024” by Imperva, it was revealed that the majority of internet traffic, approximately 70%, is attributed to API calls. In 2023, an average...
Category: Vulnerability
Ethereum Wallets Under Attack: CREATE2 Exploit Exposed
Specialists at Check Point Research have uncovered a method of attacking Ethereum blockchain wallets via the CREATE2 function, which enables cybercriminals to circumvent standard security measures and gain unauthorized access to users’ funds. The...
Apex Legends Finals Halted: Integrity Breach Rocks Tournament
The finale of the North American division of the esteemed eSports discipline Apex Legends was abruptly suspended due to a breach of “competitive integrity.” A nefarious individual managed to infiltrate the computers of professional...
CVE-2023-5528: Critical Kubernetes Exploit Grants Attackers SYSTEM Privileges
Security experts have recently disclosed a high-severity vulnerability in Kubernetes that, under certain conditions, could allow an attacker to remotely execute code with elevated privileges. “The vulnerability allows remote code execution with SYSTEM privileges on...
Critical Fortinet EMS Flaw Fixed: Update Now!
Fortinet has released an update to rectify a critical vulnerability in the FortiClient Enterprise Management Server (EMS) software, which allowed attackers to remotely execute code on susceptible servers. FortiClient EMS provides administrators with tools...
Zero-Day Attack: DarkGate Targets Windows CVE-2024-21412 Vulnerability
In mid-January, security researchers identified a significant campaign distributing the malicious software DarkGate, exploiting a recently patched Microsoft Windows security vulnerability in a zero-day fashion, that is, before its correction. According to Trend Micro,...
GhostRace: New Attack Bypasses OS Security
A new threat, codenamed GhostRace (CVE-2024-2193), has been identified by research teams from the Vrije Universiteit Amsterdam and IBM Research Europe. This vulnerability compromises the foundational security tools of operating systems and may result...
Critical Android 14 Flaw: Bluetooth Vulnerability Uncovered
The team behind GrapheneOS, which is dedicated to developing a secure iteration of the Android Open Source Project (AOSP), identified a flaw within the Bluetooth stack of Android 14 that could lead to remote...
Intel Shields Processors, Mitigates Register File Data Sampling Exploit
Intel has updated the microcode for its processors to address five security vulnerabilities and has also integrated new code into the Linux kernel to mitigate the effects of a new vulnerability (CVE-2023-28746) related to...
3,900+ WordPress Sites Hit in Plugin Attack
Over the last three weeks, more than 3,900 WordPress sites have been targeted in a new malicious campaign aimed at exploiting a vulnerability in the Popup Builder plugin to inject harmful JavaScript content into...
CVE-2024-1403: The Threat to Progress Software Users
In the realm of cybersecurity, a critical vulnerability has been discovered affecting Progress Software products, specifically the OpenEdge Authentication Gateway and AdminServer. This flaw poses a significant threat to authentication mechanisms, potentially allowing malefactors...
Meta Quest VR Hack: “Inception Attack” Exposed
A new study by the University of Chicago has uncovered a vulnerability within the Meta Quest VR system that allows malefactors to hijack user devices, pilfer confidential information, and manipulate social interactions using generative...