The Apache Software Foundation has issued urgent patches for multiple high-severity vulnerabilities in Apache Traffic Server (ATS), its enterprise-grade caching proxy server. Four distinct flaws (CVE-2024-38311, CVE-2024-56195, CVE-2024-56196, and CVE-2024-56202) enable threat actors to execute request smuggling attacks, bypass access…
Tag: Cyber Security News
Akira Ransomware Attacking Windows Server via RDP & Evades EDR Using Webcam
A sophisticated ransomware group called Akira has been responsible for approximately 15% of cybersecurity incidents in 2024. The threat actor has deployed novel techniques to bypass security defenses, most notably by exploiting unsecured webcams to circumvent Endpoint Detection and Response…
Commvault Webserver Vulnerability Let Attackers Compromise Webserver
Commvault, a global leader in enterprise data protection and management solutions, has urgently patched a high-severity webserver vulnerability that enables attackers to compromise systems by creating and executing malicious webshells. The flaw affects multiple versions of Commvault’s software across Linux…
Microsoft WinDbg RCE Vulnerability Let Attackers Execute Arbitrary Code Remotely
A high-severity vulnerability, CVE-2025-24043, enables remote code execution (RCE) through improper cryptographic signature validation in the SOS debugging extension. The vulnerability affects critical .NET diagnostic packages including dotnet-sos, dotnet-dump, and dotnet-debugger-extensions, which are integral to .NET Core application debugging workflows. According…
1 Million Devices Infected by Malwares Hosted on GitHub, Microsoft Warns
Microsoft Threat Intelligence detected a large-scale malvertising campaign in early December 2024 that infected nearly one million devices globally in an opportunistic attack designed to steal information. The campaign impacted a wide range of organizations and industries, affecting both consumer…
Hackers Leveraging Compromised Email Server To Send Fraudulent Emails
In a sophisticated business email compromise (BEC) attack recently uncovered by the Trend Micro Managed XDR team, threat actors exploited a compromised third-party email server to conduct fraudulent financial transactions between business partners. The scheme, which unfolded over several days, involved…
Popular Python Library Vulnerability Exposes 43 million Installations to Code Execution Attacks
A recently disclosed vulnerability in the widely used Python JSON Logger library has exposed an estimated 43 million installations to potential remote code execution (RCE) attacks through a dependency chain flaw. Tracked as GHSA-wmxh-pxcx-9w24 and scoring 8.8/10 on the CVSS…
Notorious Black Basta Tactics, Techniques and Procedures Uncovered From Leak
A significant leak of internal chat logs from the Black Basta ransomware group has provided cybersecurity researchers with unprecedented insight into their operations. A Telegram user named ExploitWhispers unveiled the leak, which contained approximately 200,000 chat messages dated between September 2023…
Hackers Using Advanced Social Engineering Techniques With Phishing Attacks
Cybercriminals are advancing beyond rudimentary phishing attempts, adopting sophisticated social engineering strategies that build relationships with targets before delivering malicious payloads. ESET’s APT Activity Report shows that North Korea-aligned threat actors have significantly refined their tactics, making traditional security…
North Korean Hackers Cash Out $300 Million From Record $1.46 Billion ByBit Crypto Heist
Lazarus Group hackers believed to be affiliated with North Korea’s regime have successfully laundered at least $300 million from their unprecedented $1.5 billion cryptocurrency heist targeting the ByBit exchange. The cybercriminals, identified as the infamous Lazarus Group, executed the attack…