San Francisco, CA – OpenAI has announced the launch of SearchGPT, a groundbreaking prototype designed to revolutionize how users search for information online. This innovative tool combines the advanced capabilities of OpenAI’s AI models with real-time web data to provide…
Category: GBHackers on Security | #1 Globally Trusted Cyber Security News Platform
Play & LockBit Ransomware Join Hands to Launch Cyber Attacks
Play Ransomware and LockBit Ransomware have reportedly allied to enhance their capabilities in launching cyber attacks. This collaboration, which involves a significant financial transaction and training exchange, has raised alarms among cybersecurity experts and organizations worldwide. Financial Transaction and Training…
Threat Actors Claiming Leak of IOC list with 250M Data, CrowdStrike Responded
A hacktivist entity known as USDoD has asserted that it has leaked CrowdStrike’s “entire threat actor list” and claims to possess the company’s “entire IOC [indicators of compromise] list,” which purportedly contains over 250 million data points. Details of the…
Google Chrome Warns of Malicious Files While Downloading
Google Chrome has introduced a revamped download experience with comprehensive warnings about potentially malicious files. This update is part of Chrome’s ongoing effort to keep users secure while interacting with downloaded content. Last year, Google Chrome unveiled a redesigned downloads…
Microsoft’s Windows Hello for Business Flaw Let Attackers Bypass Authentication
Researchers have uncovered a vulnerability in Microsoft’s Windows Hello for Business (WHfB) that allows attackers to bypass its robust authentication mechanism. This flaw, which downgrades the authentication process to a less secure method, has raised concerns about the security of…
LummaC2 Malware Using Steam Gaming Platform as C2 Server
Cybersecurity experts have uncovered a sophisticated variant of the LummaC2 malware that leverages the popular Steam gaming platform as a Command-and-Control (C2) server. This new tactic marks a significant evolution in the malware’s distribution and operational mechanisms, posing a heightened…
Ukraine Hackers Hit Major Russian banks with DDoS attacks
Several prominent Russian bank clients experienced issues with their mobile apps and websites. According to Downdetector, complaints began to surge around 09:30 Moscow time. The affected banks included Gazprombank, Alfa-Bank, VTB, and Rosbank. By midday, Post Bank clients also reported…
ShadowRoot Ransomware Attacking Organizations With Weaponized PDF Documents
A rudimentary ransomware targets Turkish businesses through phishing emails with “.ru” domain sender addresses. Clicking a PDF attachment’s link triggers downloading a malicious executable from a compromised GitHub account. The executable encrypts crucial files with the “.shadowroot” extension, highlighting a…
BlueStacks Emulator For Windows Flaw Exposes Millions Of Gamers To Attack
A significant vulnerability was discovered in BlueStacks, the world’s fastest Android emulator and cloud gaming platform. When used against a victim, this gives attackers complete access to the machine. The American technology business BlueStacks, also known as BlueStacks by now.gg,…
Chinese Hackers Using Shared Framework To Create Multi-Platform Malware
Shared frameworks are often prone to hackers’ abuses as they have been built into various applications, which offer a range of systems that can be exploited at the same time. By attacking shared framework vulnerabilities, hackers can get into many…
Beware Of Malicious Python Packages That Steal Users’ Sensitive Data
Malicious Python packages uploaded by “dsfsdfds” to PyPI infiltrated user systems by exfiltrating sensitive data to a Telegram bot likely linked to Iraqi cybercriminals. Active since 2022 and containing more than 90,000 Arabic messages, it has functioned as both a…
250 Million Hamster Kombat Players Targeted Via Android And Windows Malware
Despite having simple gameplay, the new Telegram clicker game Hamster Kombat has become very well-liked among gamers who use cryptocurrencies because of the potential rewards of a brand-new cryptocoin that the developers intend to launch. The game’s success has spawned…
BreachForumsV1 Database Leaked: Private messages, Emails & IP Exposed
BreachForumsV1, a notorious online platform for facilitating illegal activities, has reportedly suffered a massive data breach. According to a recent post on X by DailyDarkWeb, the database of BreachForumsV1 has been leaked, exposing a treasure trove of sensitive information. The…
Google Chrome 127 Released with a fix for 24 Security Vulnerabilities
Google has unveiled the latest version of its Chrome browser, Chrome 127, which is now available on the Stable channel. The update, identified as version 127.0.6533.72/73 for Windows and Mac, and 127.0.6533.72 for Linux, will be rolled out over the…
Researchers Detail How Defenders Eliminate Detection Gaps in AWS Environments
As enterprises increasingly migrate their workloads to cloud infrastructure, the need for robust security measures becomes more pressing. Unlike traditional data centers, cloud environments offer business agility at a reduced cost, making them attractive targets for cybercriminals. Defending cloud infrastructure,…
Pentagon IT Service Provider Hacked: U.S. Government Secrets Exposed
A massive breach in cybersecurity has occurred at Leidos Holdings Inc., which is a key provider of information technology services to the United States government. Hackers have released internal information, which has raised significant worries regarding the safety of sensitive…
Hackers Abusing Google Cloud For Phishing
Threat actors often attack cloud services for several illicit purposes. Google Cloud is targeted due to its extensive and powerful resources, which could be abused for a multitude of malicious activities. The vast amounts of data and computing power that…
Beware Of Dating Apps Exposing Your Personal And Location Details To Cyber Criminals
Threat actors often attack dating apps to steal personal data, including sensitive data and location details, which can be used in identity theft, blackmailing people, or other malicious activities. Since these applications are a goldmine of personal experiences and chats,…
Two Russian Nationals Charged for Cyber Attacks against U.S. Critical Infrastructure
The United States has designated Yuliya Vladimirovna Pankratova and Denis Olegovich Degtyarenko, two members of the Russian hacktivist group Cyber Army of Russia Reborn (CARR), for their roles in cyber operations targeting U.S. critical infrastructure. Pankratova, the group’s leader, and…
Threat Actors Taking Advantage of CrowdStrike BSOD Bug to Deliver Malware
Threat actors have been found exploiting a recently discovered bug in CrowdStrike’s software that causes a Blue Screen of Death (BSOD) on affected systems. This vulnerability has given cybercriminals a unique opportunity to spread malware, posing significant risks to users…
NCA Shuts Down the Most Popular “digitalstress” DDoS-for-hire Service
The National Crime Agency (NCA) has successfully infiltrated and dismantled one of the most notorious Distributed Denial of Service (DDoS) for hire services, digitalstress.su. This criminal marketplace, responsible for tens of thousands of attacks weekly worldwide, was taken down through…
Play Ransomware’s Linux Variant Attacking VMware ESXi Servers
A new Linux variant of Play ransomware targets VMware ESXi environments, encrypting virtual machine files and appending the “.PLAY” extension. It leverages obfuscation techniques to bypass detection and is compressed with a Windows variant in a RAR archive. It…
SonicOS IPSec VPN Vulnerability Let Attackers Cause DoS Condition
SonicWall has disclosed a critical heap-based buffer overflow vulnerability in its SonicOS IPSec VPN. This flaw, identified as CVE-2024-40764, can potentially allow unauthenticated, remote attackers to cause a Denial of Service (DoS) condition. The vulnerability has been rated with a…
Hackers Registered 500k+ Domains Using Algorithms For Extensive Cyber Attack
Hackers often register new domains for phishing attacks, spreading malware, and other deceitful activities. Such domains are capable of pretending to be trusted entities, which helps to make individuals disclose their sensitive details or download harmful content. Cybersecurity researchers at…
Hackers Claim Breach of Daikin: 40 GB of Confidential Data Exposed
Daikin, the world’s largest air conditioner manufacturer, has become the latest target of the notorious Meow hacking group. The USA branch of Daikin has been listed as a victim, with hackers demanding a ransom of $40,000. The incident has raised…
Emojis Are To Express Emotions, But CyberCriminals For Attacks
There are 3,664 emojis that can be used to express emotions, ideas, or objects in digital communication. While seemingly harmless, criminals are increasingly exploiting emojis for covert communication in illegal activities. This allows them to conduct transactions and target victims…
Beware Of Fake Browser Updates That Install Malicious BOINC Infrastructure
SocGholish malware, also known as FakeUpdates, has exhibited new behavior since July 4th, 2024, as the infection chain still begins with a compromised website prompting a fake browser update. Downloading the update triggers malicious code that fetches additional malware. Unlike…
Data Breach Increases by Over 1,000% Annually
The Identity Theft Resource Center® (ITRC), a nationally recognized nonprofit organization established to support identity crime victims, released its U.S. data breach findings for the second quarter (Q2) and the first half (H1) of 2024. The results are staggering, revealing…
UK Police Arrested 17-year-old Boy Responsible for MGM Resorts Hack
UK police have arrested a 17-year-old boy from Walsall in connection with a notorious cyber hacking group. This group has targeted significant organizations worldwide, including MGM Resorts in the United States, with sophisticated ransomware attacks. Arrest Made in Coordinated Effort…
Hackers Claiming Dettol Data Breach: 453,646 users Impacted
A significant data breach has been reported by a threat actor known as ‘Hana,’ who claims to have compromised the personal information of 453,646 users of Dettol India. The breach was announced via a post on the social media platform…
CrowdStrike Update Triggers Widespread Windows BSOD Crashes
A recent update from cybersecurity firm CrowdStrike has caused significant disruptions for Windows users, leading to widespread reports of Blue Screen of Death (BSOD) errors. The issue, affecting multiple versions of the company’s sensor software, has prompted urgent investigations and…
Operation Spincaster Disrupts Approval Phishing Technique that Drains Victim’s Wallets
Chainalysis has launched Operation Spincaster, an initiative to disrupt approval phishing scams that have drained billions from victims’ wallets. This operation, which brings together public and private sectors, has yielded promising results and offers a blueprint for future anti-fraud efforts.…
macOS Users Beware Of Weaponized Meeting App From North Korean Hackers
Meeting apps are often targeted and turned into weapons by hackers as they are largely employed for communication and collaboration, frequently carrying sensitive data and serving wide user groups. Such platforms gain trust among their users as of their…
TAG-100 Actors Using Open-Source Tools To Attack Gov & Private Orgs
Hackers exploit open-source tools to execute attacks because they are readily available, well-documented, and often have extensive community support, making them easy to modify and deploy. Besides this, open-source tools can be customized to evade detection, automate tasks, and leverage…
Octo Tempest Known for Attacking VMWare ESXi Servers Added RansomHub & Qilin to Its Arsenal
Threat actors often attack VMware ESXi servers since they accommodate many virtual machines, which link to a variety of systems via one breach. Compromising an ESXi server can bring the targeted services down. Additionally, valuable resources and data are stored…
Hackers Exploiting Legitimate RMM Tools With BugSleep Malware
Since October 2023, MuddyWater, which is an Iranian threat group linked to MOIS, has escalated its phishing campaigns in Middle East countries, specifically Israel. In their approach, they use already compromised email accounts to spread malicious content across various sectors.…
New TE.0 HTTP Request Smuggling Flaw Impacts Google Cloud Websites
HTTP Request Smuggling is a flaw in web security that is derived from variations in the way different web servers or intermediaries, such as load balancers and proxies handle HTTP request sequences. By creating malicious HTTP requests that exploit these…
Cybercriminals Exploit Attack on Donald Trump for Crypto Scams
Researchers at Bitdefender Labs remain ever-vigilant, informing users about the latest scams and internet perils that threaten their security and finances. The latest discovery involves cybercriminals exploiting an alleged assassination attempt on former US President Donald Trump to conduct extensive…
Volcano Demon Group Attacking Organizations With LukaLocker Ransomware
The Volcano Demon group has been discovered spreading a new ransomware called LukaLocker, which targets Idealease Inc., a truck leasing company. The malware targets several security, monitoring, and backup services, including antivirus software like Trend Micro, Malware Bytes, Sophos, and…
Resonance Launches Harmony to Monitor and Detect Threats to Web2 and Web3 Apps
Quick take: Resonance, a full-spectrum cybersecurity firm building security solutions for Web2 and Web3 apps has launched Harmony. The asset monitoring tool allows IT teams, organisations, startups and entrepreneurs to make strong detective and preventive measures accessible at any technical…
Beware of New Phishing Tactics That Mimic HR to Attack Employees
Phishing attacks are becoming increasingly sophisticated, and the latest strategy targeting employees highlights this evolution. This new phishing attempt impersonates a company’s Human Resources (HR) department, presenting a significant threat to corporate security. In this article, we’ll dissect the recent…
MirrorFace Attacking Organizations Exploiting Vulnerabilities In Internet-Facing Assets
MirrorFace threat actors have been targeting media, political organizations, and academic institutions since 2022, shifting focus to manufacturers and research institutions in 2023. The attack method evolved from spear phishing to exploiting vulnerabilities in external assets, specifically in Array AG…
HardBit Ransomware Using Passphrase Protection To Evade Detection
In 2022, HardBit Ransomware emerged as version 4.0. Unlike typical ransomware groups, this ransomware doesn’t use leak sites or double extortion. Their tactics include data theft, encryption, and ransom requests with threats of other attacks. Cybersecurity researchers at Cybereason identified…
New ShadowRoot Ransomware Attacking Business Via Weaponized PDF’s
X-Labs identified basic ransomware targeting Turkish businesses, delivered via PDF attachments in suspicious emails from the internet[.]ru domain. PDF links trigger exe payload downloads, which encrypt files with the “.shadowroot” extension. The ransomware is actively compromising various global organizations, including healthcare…
New Poco RAT Weaponizing 7zip Files Using Google Drive
The hackers weaponize 7zip files to pass through security measures and deliver malware effectively. These archived files can hide malicious content, which makes it more difficult for antivirus programs to identify threats. In early 2024, Cofense researchers discovered a new…
Hacktivist Groups Preparing for DDoS Attacks Targeting Paris Olympics
Cyble Research & Intelligence Labs (CRIL) researchers have identified a cyber threat targeting the upcoming Paris Olympics. On June 23, 2024, a Russian hacktivist group known as the “People’s Cyber Army” (Народная Cyber Армия) and their allies, HackNeT, announced their…
Critical Cellopoint Secure Email Gateway Flaw Let Attackers Execute Arbitrary Code
A critical vulnerability has been discovered in the Cellopoint Secure Email Gateway, identified as CVE-2024-6744. This flaw, assigned a CVSS score of 9.8, poses a severe risk to organizations using this email security solution. CVE-2024-6744: A Critical Vulnerability According to…
GuardZoo Android Malware Attacking military personnel via WhatsApp To Steal Sensitive Data
A Houthi-aligned group has been deploying Android surveillanceware called GuardZoo since October 2019 to target military personnel in the Middle East by leveraging social engineering tactics and using military-themed lures to trick victims into downloading the malware. Based on a…
Singapore Banks to Phase out OTPs for Bank Account Logins Within 3 Months
The Monetary Authority of Singapore (MAS) and The Association of Banks in Singapore (ABS) announced today that major retail banks will phase out the use of One-Time Passwords (OTPs) for bank account logins within the next three months. This change…
Malicious NuGet Campaign Tricking Developers To Inject Malicious Code
Hackers often target NuGet as it’s a popular package manager for .NET, which developers widely use to share and consume reusable code. Threat actors can distribute malicious code to many projects by compromising the NuGet packages. In August 2023, ReversingLabs…
ViperSoftX Weaponizing AutoIt & CLR For Stealthy PowerShell Execution
ViperSoftX is an advanced malware that has become more complicated since its recognition in 2020, to the extent that eBooks are used on Torrent sites to spread across systems. Unlike other kinds of malware developers who mainly focus on developing…
Akira Ransomware Attacking Airline Industry With Legitimate Tools
Airlines often become the target of hackers as they contain sensitive personal and financial details of passengers as well as travel schedules and loyalty programs. Since airlines are attractive to threat actors, disrupting their operations can be quite damaging to…
Threat Actor Claiming Breach of Coingecko Database, 1.9M Email Address
A threat actor has claimed responsibility for breaching the database of CoinGecko, a leading cryptocurrency data aggregator. The alleged breach has reportedly compromised 1.9 million email addresses, raising significant concerns about data security in the cryptocurrency industry. The Alleged Breach…
Beware Of Weaponized EBooks That Deliver AsyncRAT
EBooks are popular, and that popularity makes them lucrative to threat actors, as they are widely shared digital assets that can easily circumvent security measures. Threat actors exploit users’ trust in seemingly harmless documents by embedding malware in eBook files or…
DarkGate Malware Exploiting Excel Files And SMB File Shares
DarkGate, a Malware-as-a-Service (MaaS) platform, experienced a surge in activity since September 2023, employing various distribution methods, including email attachments, malicious ads, and compromised Samba shares. Initially a human-operated command-and-control infrastructure, DarkGate has evolved into a versatile tool offering remote…
mSpy Data Breach: Millions of Customers’ Data Exposed
mSpy, a widely used phone spyware application, has suffered a significant data breach, exposing the sensitive information of millions of its customers. The breach, which Brainstack, mSpy’s parent company, has not publicly acknowledged, has raised serious concerns about spyware applications’…
Advance Auto Parts Cyber Attack: Over 2 Million Users Data Exposed
RALEIGH, NC—Advance Stores Company, Incorporated, a prominent commercial entity in the automotive industry, has recently been the victim of a cyber attack. The breach, which occurred on April 14, 2024, was discovered on June 10, 2024, and has compromised the…
Hackers Using ClickFix Social Engineering Tactics to Deploy Malware
Cybersecurity researchers at McAfee Labs have uncovered a sophisticated new method of malware delivery, dubbed the “ClickFix” infection chain. This novel attack strategy leverages advanced social engineering techniques to manipulate unsuspecting users into executing malicious scripts, leading to severe security…
Coyote Banking Trojan Attacking Windows Users To Steal Login Details
Hackers use Banking Trojans to steal sensitive financial information. These Trojans can also intercept and modify transactions, allowing hackers to drain bank accounts or make unauthorized purchases. BlackBerry cybersecurity researchers recently detected that the Coyote banking trojan has been actively…
Hackers Created 700+ Fake Domains to Sell Olympic Games Tickets
As the world eagerly anticipates the Olympic Games Paris 2024, a cybersecurity threat has emerged, targeting fans and attendees. Cybersecurity firm QuoIntelligence has uncovered a sophisticated fraudulent campaign involving over 700 fake domains designed to sell counterfeit tickets for the…
Japanese Space Agency Spotted zero-day via Microsoft 365 Services
The Japan Aerospace Exploration Agency (JAXA) has revealed details of a cybersecurity incident that occurred last year, involving unauthorized access to its internal servers. The breach, detected in October 2023, has prompted JAXA to implement robust countermeasures to prevent future…
Top 10 Active Directory Management Tools – 2024
Active Directory Management Tools are essential for IT administrators to manage and secure Active Directory (AD) environments efficiently. These tools streamline tasks such as user and group management, permissions assignment, and policy enforcement, ensuring the AD infrastructure remains organized and…
New Eldorado Ransomware Attacking Windows And Linux Systems
Ransomware-as-a-service (RaaS) has evolved into a sophisticated enterprise-like model. From 2022 to 2023, ransomware programs advertised on the dark web increased by half, with 27 ads identified. The RAMP forum was made the main hub of hiring for ransomware. Attacks published…
Passkeys Available for High-Risk Users in the Advanced Protection Program
Google has announced the integration of passkeys into its Advanced Protection Program (APP). This development aims to provide an easier and more secure alternative to traditional passwords, enhancing protection against common cyber threats such as phishing, malware, and unauthorized data…
Chinese APT40 Is Ready To Exploit New Vulnerabilities Within Hours Of Release
Multiple international cybersecurity agencies jointly warn of a PRC state-sponsored cyber group, linked to the Ministry of State Security and known by various names like APT40, Leviathan. The group, based in Hainan Province, has targeted organizations globally, including in Australia…
Scammers Offering Fraud-as-a-service to Other Scammers to Drain Victims Funds
Scammers no longer need to possess technical expertise or devise intricate fraud schemes. The rise of Fraud-as-a-Service (FaaS) has revolutionized scam execution, making it easier for even the most inexperienced fraudsters to prey on unsuspecting victims. This article delves into…
Threat Actors Claiming Breach of KFC Database
A group of threat actors has claimed responsibility for breaching the database of fast-food giant KFC. The announcement was made via a post on the social media platform X by the user @MonThreat, who is known for disseminating information about…
U.S. Disrupts AI-Powered Russian State-Sponsored Hackers Bot Farm
In collaboration with international partners, the U.S. Federal Bureau of Investigation (FBI) and the Cyber National Mission Force (CNMF) have successfully disrupted a sophisticated AI-powered bot farm operated by Russian state-sponsored hackers. The bot farm, known as Meliorator, was used…
X-Files Stealer Attacking Windows Users to Steal Passwords
Cybersecurity experts have identified a new malware strain, dubbed “XFiles Stealer,” which is actively targeting Windows users to steal passwords and other sensitive information. The discovery was made public by MonThreat, a prominent cybersecurity research group, via their official social…
Universal Code Execution Vulnerability In Browsers Puts Millions Of Users At Risk
Hackers remotely execute malicious code on a compromised device or server by exploiting the Universal Code Execution vulnerability. Through this vulnerability, threat actors can inject codes into server-side interpreter languages such as Java, Python, and PHP. Hacking into this security…
Ghostscript Rendering Platform Vulnerability Let Attackers Execute Remote Code
A critical vulnerability has been discovered in the Ghostscript rendering platform, identified as CVE-2024-29510. This flaw, a format string vulnerability, affects versions up to 10.03.0 and allows attackers to bypass the -dSAFER sandbox, leading to remote code execution (RCE). This…
Turla Hackers Weaponizing LNK-Files To Deploy Fileless Malware
Hackers often weaponize LNK files because they can carry malware into systems undetected by anyone. LNK files are shortcuts that, when opened, launch a malicious payload (like scripts or executables). LNK files are widely used in Windows environments and can…
HCL Domino Vulnerability Let Attackers obtain Sensitive information
A critical security vulnerability has been discovered in HCL Domino, a popular enterprise server software, that could potentially expose sensitive configuration information to remote unauthenticated attackers. This vulnerability, CVE-2024-23562, has raised concerns among cybersecurity experts and enterprises relying on HCL…
Apple Removed VPN Services from the Russian AppStore
Apple has removed several prominent VPN service apps from the Russian division of the App Store. The affected apps include Proton VPN, Red Shield VPN, NordVPN, and Le VPN. This action comes in response to complaints from Roskomnadzor, Russia’s federal…
Egyptian Health Department Data Breach: 120,000 Users’ Data Exposed
The Egyptian Health Department (EHD) has reported a data breach affecting 121,995 individuals, including one resident of Maine. The breach, which occurred on December 21, 2023, was discovered on the same day and has since raised serious concerns about data…
Europol Concerns Over Privacy Enhancing Technologies Challenge Lawful Interception
A new position paper argues that Privacy Enhancing Technologies (PET) used in Home Routing are making it difficult for law enforcement to intercept information during investigations lawfully. Home Routing allows a user’s communication to be routed through their home network…
Orcinius Trojan Attacking Users Via Dropbox & Google Docs
A newly identified multi-stage trojan, dubbed “Orcinius,” has been reported to exploit popular cloud services Dropbox and Google Docs as part of its attack strategy. The sophisticated malware begins its assault with an innocuous-looking Excel spreadsheet, which contains a VBA…
Roblox Data Breach: Email & IP address Details Exposed
Roblox, the globally renowned online gaming platform, has suffered a data breach. According to a tweet from cybersecurity expert H4ckManac, the breach has exposed sensitive information, including email addresses and IP addresses of millions of users. This alarming incident has…
The Problem With Bug Bounties
A technically skilled individual who finds a bug faces an ethical decision: report the bug or profit from it. This is nowhere more relevant than in crypto. In this article, with the help of Ilan Abitbol from Resonance Security, I look at the…
Cloudflare Details 1.1.1.1 Service Outage Following BGP Hijack
On June 27, 2024, Cloudflare experienced a disruption of its 1.1.1.1 DNS resolver service. This several-hour incident was caused by a combination of BGP (Border Gateway Protocol) hijacking and a route leak. The event led to a noticeable impact on…
Mekotio Banking Trojan Attacking American Users To Steal Financial Data
Active since 2015, Mekotio is a Latin American banking trojan specifically designed to target financial data in regions like Brazil, Chile, Mexico, Spain, and Peru. It exhibits links to the recently disrupted Grandoreiro malware, both likely originating from the same…
Kimsuky’s HappyDoor Executed Via regsvr32 File To Evade Detection
Kimsuky, also known as the Velvet Chollima, Black Banshee, THALLIUM, or Emerald Sleet, is a North Korean state-sponsored advanced cyber espionage group that uses sophisticated methods to target political, economic, and national security interests for various countries. They are very…
Hackers Compromised Ethereum’s Mailing List to Drain Their Crypto Funds
In a recent cyberattack, hackers successfully compromised Ethereum’s mailing list, attempting to drain users’ crypto funds through a sophisticated phishing campaign. The breach has raised significant concerns within the cryptocurrency community, prompting immediate action from Ethereum’s internal security team. The…
Threat Actor Claiming 2FA Bypass Vulnerability in HackerOne Bug Bounty Platform
A threat actor has claimed to have discovered a vulnerability that bypasses the two-factor authentication (2FA) on the HackerOne bug bounty platform. The claim was made public via a tweet from the account MonThreat, which is known for sharing cybersecurity-related…
Hackers Abused Twilio API To Verify Phone Numbers used For MFA
An unauthenticated endpoint vulnerability allowed threat actors to identify phone numbers associated with Authy accounts. The issue was identified, and the endpoint has been secured to prevent unauthorized access. No evidence suggests the attackers gained access to internal systems or other…
Over 380,000+ Hosts Embedding Polyfill JS script Linking to Malicious Domain
Over 380,000 web hosts have been found embedding a compromised Polyfill.io JavaScript script, linking to a malicious domain. This supply chain attack has sent shockwaves through the web development community, highlighting the vulnerabilities inherent in widely used open-source libraries. Polyfill.js,…
FakeBat Malware Weaponizing AnyDesk, Zoom, Teams & Chrome
Hackers target and weaponize AnyDesk, Zoom, Teams, and Chrome as these applications are widely used in a multitude of sectors. Not only that, but even these widely used applications also provide access to many users and sensitive information. Cybersecurity researchers…
New ‘Pryx’ Ransomware Hijacked 30,000 University Applications
A new player has emerged on the cybercrime landscape: the ransomware group “Pryx.” Pryx has claimed its first attack, announcing that it has compromised the systems of Rowan College at Burlington County (RCBC.edu) and stolen 30,000 university applications. This announcement…
Threat Actors Selling Shopify Commerce Platform Data on Dark Web
Threat actors have been found selling sensitive data from the Shopify commerce platform on the dark web. This alarming news was first reported by DarkWebInformer on their social media Twitter account, raising significant concerns about the security of e-commerce platforms…
TotalEnergies Cyber Attack: Data of 210,715 Customers Exposed
TotalEnergies Clientes SAU has reported a significant cyberattack that has compromised the personal data of 210,715 customers. The incident has raised serious concerns about data security and the integrity of digital infrastructures in the energy sector. Unauthorized Access Detected TotalEnergies…
Hiap Seng Industries Servers Attacked by Ransomware
Hiap Seng Industries, a prominent engineering and construction company, has fallen victim to a ransomware attack that compromised its servers. The company has swiftly taken measures to contain the breach and ensure the continuity of its business operations. Immediate Containment…
Gogs Vulnerabilities Let Attackers Hack Instances And Steal Source Code
Gogs is a standard open-source code hosting system used by many developers. Several Gogs vulnerabilities have been discovered recently by the cybersecurity researchers at SonarSource. Gogs can be hacked through these flaws, which put its instances at risk of source…
Juniper SRX Vulnerability Allows Attackers to Trigger DoS Condition
A vulnerability in Junos OS on SRX Series devices allows attackers to trigger a DoS attack by sending crafted valid traffic, which is caused by improper handling of exceptional conditions within the Packet Forwarding Engine (PFE) and leads to PFE…
Critical WordPress Plugin Flaw Exposes 90,000+ WordPress Sites
A critical vulnerability has been discovered in the popular WordPress plugin “Email Subscribers by Icegram Express – Email Marketing, Newsletters, Automation for WordPress & WooCommerce.” The flaw, identified as CVE-2024-6172, has been assigned a CVSS score of 9.8, indicating its…
Hackers Claiming of Sandbox Escape RCE in 0-DAY Google Chrome
A group of hackers has claimed to have discovered a critical zero-day vulnerability in Google Chrome. This exploit, which reportedly enables a sandbox escape and remote code execution (RCE), could potentially compromise millions of users worldwide. The announcement was made…
Rafel RAT Attacking Android Devices To Gain Unauthorized Access
The Rafel RAT is an advanced Android-targeting Remote Access Trojan which poses a great cybersecurity danger. This malicious program has become popular due to its prominence for breaking into device security and taking away confidential details. Knowing the origin of…
Hackers Using Polyglot Files In the Wild, Here Comes PolyConv For Detection
Polyglot files have to fit in several file format specifications and respond differently depending on the calling program. This poses a significant risk to endpoint detection and response (EDR) systems and file uploaders, which mainly rely on format identification for…