Sunday, May 26, 2024

Microsoft Announces Phasing Out VBScript for JavaScript and PowerShell

As part of plans to favour the release of more advanced alternative applications such as JavaScript and PowerShell, Microsoft on Wednesday announced the deprecation...

Flaws in Python Package for AI Models and PDF.js Used by Firefox Could Become a Goldmine for Cybercriminals

According to cybersecurity researchers, a loophole in llama_cpp_python python package tagged CVE-2024-34359 with a CVSS score of 9.7 could result in exploitation by threat actors. One of the...

GitHub and FileZilla Becomes a Platform for Delivering Cocktail Malware

Cybercriminals (Possibly Russian-speaking threat actors from the Commonwealth of Independent States) impersonating 1Password, Bartender 5 and Pixelmator software and fake Github profiles and repositories begin...

The Surge of Spam: How Enterprises are Overwhelmed by Emails and Phone Calls

A recent discovery by cybersecurity researchers revealed an ongoing social engineering campaign targeting and attacking enterprises with massive spam emails aiming to achieve access...

Critical F5 Central Manager Vulnerabilities Puts Clients at Risk of Full Device Takeover

The two critical security vulnerabilities are tagged CVE-2024-21793 and CVE-2024-26026. CVE-2024-21793 has a CVSS score of 7.5. It’s a 0Data  injection vulnerability capable of allowing unauthenticated attackers to gain...

Over 50,000 Hosts Vulnerable to Remote Code Execution Due to Critical Tinyproxy Flaw

A critical vulnerability, tracked as CVE-2023-49606, has been discovered in Tinyproxy, an HTTP/HTTPS proxy tool. This vulnerability allows unauthenticated attackers to execute arbitrary code...

Aruba Devices Exposed to RCE Attack Due to Four Critical Vulnerabilities 

The four critical vulnerabilities listed below among ten found security flaws have contributed immensely to the exposure by impacting Mobility Conductor (formerly Mobility Master), Mobility Controllers, and...

Default Passwords Are No Longer Acceptable From April 2024 on Smart Devices

Information from the U.K. National Cyber Security (NCSC) has highlighted beckoning manufacturers of smart devices to comply with new legislation prohibiting default passwords. The...

Two Cisco Zero-Day Vulnerabilities Get Exploited by State-Sponsored Hackers for Espionage

The cybersecurity report has highlighted two highly critical zero-day vulnerabilities in Cisco networking gear. Threat actors have exploited these vulnerabilities to deliver custom malware...

Iranian Firms and Accomplices in Cyber Attack Sanctioned by U.S. Treasury

The United States treasury has taken a significant step by sanctioning an Iranian firm and individuals involved in a severe cyber attack. The statement...

U.S Auto Industry Facing Attack by FIN7 Cybercrime Group

Cybersecurity Analysts have linked an active spear-phishing campaign targeting the U.S. automotive industry to FIN7, a cybercrime syndicate with records of several nefarious acts....

The Lockbit Ransomware Group Strikes Again

The Lockbit ransomware group has attacked Nine Dragon (ND) Paper, a leading manufacturer of high-quality and sustainable pulp, packaging, and paper products. The company...

Hunters Ransomware group has attacked multiple businesses and caused varying degrees of damage.

Hunters Ransomware group has attacked multiple businesses and caused varying degrees of damage. Victims are listed below: Caxton &CPT Printer and Publishers Ltd: This company...

German Firms Suffer Attack from TA547.

TA547, a threat actor famous for financially motivated malicious actions, has attacked dozens of German businesses using Rhadamanthys stealer in a phishing attack aimed at the...

92,000 D-Link NAS Devices Left Vulnerable to Malware Attacks

Reports from cybersecurity researchers revealed the active scanning and exploitation of security flaws tracked as CVE-2024-327, with a CVSS score of 9.8, and CVE-2024-3273, with a...

Ivanti Hackers Exposed by Cybersecurity Researchers

Cybersecurity researchers have successfully linked the zero-day exploitation of the Ivanti security flaws to a group of China-linked hackers. The three flaws involved are...

Web Servers at Risk of DoS Attacks by Threat Actors

Cyber security researchers have discovered a loophole in HTTP/2 protocol, potentially aiding denial-of-service attacks. According to the report, the vulnerability originates from improper sanitation...

Privacy Lawsuit Settlement Resulted in Google Deleting Billions of Incognito Mode Browsing Records

The class action filed in 2020 against Google, accusing the tech giant of tracking their internet browsing activities as resulted in the tech giant agreeing to...

Linux Users At Risk Of Password Exposure Due To New Bug In The Operating System

A vulnerability called WallEscape, tracked as CVE-2024-28085 by security researchers, is said to exhibit the ability to enable threat actors to access and leak...

Lockbit ransomware group keeps attacking businesses amidst the unending cyberwar between the group and government agencies

Lockbit ransomware group keeps attacking businesses amidst the unending cyberwar between the group and government agencies. The group has attacked the companies like the...