A significant threat in the cybersecurity landscape has emerged, dubbed Hellcat, a new ransomware group. This ransomware group leverages a Ransomware-as-a-Service (RaaS) model to target critical sectors such as government, education, and energy. First identified in mid-2024, Hellcat operates by…
Tag: Cyber Security News
FleshStealer, A New Infostealer Attacking Chrome & Mozilla Users
A new strain of information-stealing malware, dubbed FleshStealer, has emerged as a significant threat to internet users worldwide. This advanced infostealer targets Chromium and Mozilla-based web browsers, exploiting their vulnerabilities to steal sensitive data, including credentials, cryptocurrency wallet information, and…
PoC Exploit Released for Actively Exploited Windows CLFS Buffer Overflow
A proof-of-concept (PoC) exploit for the actively exploited Windows Common Log File System (CLFS) vulnerability, tracked as CVE-2024-49138 has been released. This vulnerability, which Microsoft patched on December 10, 2024, with update KB5048685 for Windows 11 versions 23H2 and 22H2,…
API Vulnerabilities Surge 1,025%, Threatening AI Security (PDF)
Wallarm’s 2025 API ThreatStats Report exposes a startling rise in AI-focused attacks, with researchers tracking 439 AI-related CVEs in 2024—a 1,025% jump over the previous year. Almost all of these exploits 99% involve weak or poorly configured APIs. Injection flaws,…
New Aquabot Malware Attacking Mitel SIP To Inject Commands
A new variant of the Mirai-based malware, dubbed Aquabotv3, has been identified by the Akamai Security Intelligence and Response Team (SIRT). This malware is actively exploiting a command injection vulnerability in Mitel SIP phones to execute malicious commands and propagate…
Lynx Ransomware Infrastructure To Attack Windows, Linux, ESXi & Affiliate Panel Uncovered
Security experts has uncovered the sophisticated infrastructure of the Lynx Ransomware-as-a-Service (RaaS) group in a recent investigation. This ransomware group is Known for its cross-platform capabilities and affiliate-driven model. Lynx targets Windows, Linux, and VMware ESXi environments, posing a significant…
DeepSeek R1 Jailbroken to Generate Ransomware Development Scripts
DeepSeek R1, the latest AI model from China, is making waves in the tech world for its reasoning capabilities. Positioned as a challenger to AI giants like OpenAI, it has already climbed to 6th place on the Chatbot Arena benchmarking…
Critical Cacti Vulnerability Let Attackers Code Remotely – PoC Released
The widely used open-source network monitoring tool, Cacti, identified a critical vulnerability. The flaw, tracked as CVE-2025-22604 has a CVSS score of 9.1, indicating high severity. It allows authenticated users with device management permissions to execute arbitrary commands on the server,…
API Supply Chain Attack Exposes Millions of Airline Users Accounts to Hackers
A vulnerability in a third-party travel service API has exposed millions of airline users to potential account takeovers, enabling attackers to exploit airline loyalty points and access sensitive personal information. The flaw, discovered by Salt Labs, highlights the risks associated…
PoC Exploit Released for TP-Link Router Web Interface XSS Vulnerability
A Cross-Site Scripting (XSS) vulnerability has been identified in the TP-Link Archer A20 v3 router, specifically in firmware version 1.0.6 Build 20231011 rel.85717(5553). The issue stems from improper handling of directory listing paths on the router’s web interface. When a…