Cybercriminals are increasingly exploiting vulnerabilities in government websites to carry out phishing campaigns, leveraging the inherent trust users place in official domains. A recent report by Cofense Intelligence shows that how attackers are weaponizing .gov top-level domains (TLDs) across multiple…
Tag: Cyber Security News
DeepSeek Database Leaked – Full Control Over DB Secret keys, Logs & Chat History Exposed
A security vulnerability in DeepSeek, a prominent Chinese AI startup, exposed a publicly accessible ClickHouse database containing highly sensitive information, including over a million lines of log streams. The breach, which included chat logs, API keys, backend details, and operational…
Microsoft 365 Down – Widespread Outage Affects Users and Admins
Microsoft 365 users worldwide encountered significant disruptions today as multiple services, including the Microsoft 365 Admin Center, reported degradation or complete inaccessibility. The issue, first noted around 18:45 GMT, has left many users unable to access key services, with some…
Hackers Allegedly Selling Fortinet Vulnerability Exploit on Dark Web Forums
A significant cybersecurity threat has emerged as hackers on a prominent Russian dark web forum claim to be selling an active exploit targeting Fortinet devices. The exploit reportedly leverages a critical vulnerability, CVE-2024-55591, which affects FortiOS versions 7.0.0 through 7.0.16. …
Apple Chips Vulnerability Exposes Credit Cards & Location History to Hackers
Researchers have uncovered two critical vulnerabilities in Apple’s custom silicon chips, dubbed SLAP (Speculative Load Address Prediction) and FLOP (False Load Output Predictions). These flaws, found in Apple’s A- and M-series processors, expose sensitive user data such as credit card…
State-sponsored Actors Abusing Gemini to Fuel Cyber Attacks
The state-sponsored threat actors are increasingly exploiting Google’s AI-powered assistant, Gemini, to enhance their cyber operations. While generative AI tools like Gemini hold immense potential for innovation and productivity, their misuse by advanced persistent threat (APT) groups and information operations…
Windows 11 24H2 Update Breaks Web camera, Audio, & USB
The most recent update for Windows 11 24H2, identified as KB5050009, has caused various kinds of technical issues for users, affecting critical functionalities like audio, Bluetooth, USB devices, and webcams. Released earlier this month, the update was intended to enhance…
WhatsApp’s Image “View Once” Feature Flaw Allowing Unlimited Views
WhatsApp’s “View Once” option is one of the privacy features in the instant messaging space that is intended to provide users with a sense of security. This feature allows users to send photos or videos that disappear after being viewed…
Google Researchers Breakdowns The Malware Obfuscator Scatterbrain
Google’s Threat Intelligence Group (GTIG), in collaboration with Mandiant, has unveiled a comprehensive analysis of ScatterBrain, an advanced obfuscation tool used by China-linked cyber espionage group APT41. This obfuscator is central to the deployment of POISONPLUG.SHADOW, a modular backdoor targeting…
Hackers Using SparkRAT In Wild To Attack Windows, macOS, and Linux Systems
Cybersecurity researchers have uncovered a surge in attacks leveraging SparkRAT, a cross-platform Remote Access Trojan (RAT) written in GoLang. This open-source tool, initially released on GitHub in 2022, has become a favorite among hackers due to its modular design, multi-platform…