In the shadowy world of cyber espionage, the Kimsuky threat group, believed to be backed by North Korea, stands out for its persistent and evolving tactics. Active since 2013, Kimsuky initially focused on South...
A software engineer from SkySafe, Mark Newlin, discovered a perilous vulnerability in Bluetooth, that existed since around 2012. This flaw enables malefactors to connect to Apple, Android, and Linux devices without authentication and execute...
Apache Struts, the popular open-source framework for building Java web applications, has been hit by a critical vulnerability (CVE-2023-50164) that could allow attackers to remotely execute code on vulnerable servers. This is a serious...
Although Microsoft has yet to confirm the name of the next Windows operating system, Intel executives have recently disclosed that it will be called Windows 12. The upcoming version, codenamed Hudson Valley, is said...
A critical vulnerability discovered in WordPress versions 6.4 and 6.4.1 could allow attackers to execute arbitrary PHP code on your website, potentially leading to complete site takeover. While not directly exploitable on its own,...
curl, a popular tool for transferring data from or to a server, has been found to harbor two vulnerabilities that could expose users to cookie hijacking and HSTS data loss. These vulnerabilities, collectively known...
In the ever-evolving world of cyber threats, a new era is upon us, characterized by the proliferation of DDoS-for-hire services. As a testament to their time-tested efficiency, Distributed Denial-of-Service (DDoS) attacks continue to be...
A critical Remote Code Execution (RCE) vulnerability, tracked as CVE-2023-22524 (CVSS score of 9.6), has been discovered in the Atlassian Companion App for MacOS. This vulnerability allows an attacker to execute arbitrary code on...
Attention all Confluence Data Center and Confluence Server users: A critical vulnerability, identified as CVE-2023-22522 (CVSS score of 9.0), has been discovered that allows remote code execution (RCE) on affected instances. This vulnerability poses...
As of January 31 this year, the downloadable version of the Windows 10 operating system has ceased sales, with subsequent security updates only being provided until October 14, 2025. To address the ongoing usage...
In recent times, cybersecurity has become a paramount concern for organizations of all sizes, including government agencies. With the increasing sophistication of cyber threats, federal agencies must take proactive measures to protect their systems...
In the ever-shifting landscape of cybersecurity, TA422 (APT28), a Russian advanced persistent threat, has emerged as a formidable actor, engaging in consistent phishing activities targeting entities across Europe and North America. Proofpoint researchers have...
A critical vulnerability has been discovered in the administrative web interface of Atos Unify OpenScape products, leaving these systems vulnerable to unauthenticated access and unauthorized control. This alarming flaw, identified as CVE-2023-6269 and assigned...
Recently, Lenovo unveiled a new product named Chromebox Micro at the Digital Signage Expo 2023 held in Las Vegas, USA. Lenovo describes the Chromebox Micro as an ultra-slim, reasonably priced media player that delivers...
In the realm of web development, HtmlUnit stands as a prominent open-source, headless web browser for Java. It empowers developers to seamlessly interact with web pages programmatically, making it a popular choice for web...
Check Point Research Report delves into the escalating activities of Iranian hacktivist groups. These groups initially focused on Israel, have now expanded their cyber frontlines, increasingly targeting entities in the United States and beyond....