Burp AI, PortSwigger unveils AI-driven extensibility in Burp Suite Professional, revolutionizing the way security professionals approach application testing. In its latest stride toward innovation, PortSwigger, the creator of the widely acclaimed Burp Suite, has announced the integration of artificial intelligence…
Tag: Cyber Security News
APT43 Hackers Attacking Academic Institutions With Exposed Credentials
APT43, a notorious North Korean state-sponsored hacking group, has been actively targeting academic institutions worldwide, exploiting exposed credentials to gain unauthorized access. Linked to the Reconnaissance General Bureau (RGB), APT43 is known for its strategic intelligence gathering and financially motivated…
Security Researchers Now Analyse Any URL With ANY.RUN Safebrowsing Tool Extension for Free
ANY.RUN, a global leader in Interactive Malware sandboxes, has upgraded its browser extension to include the Safebrowsing feature, which is now available for free to all users. This tool is designed to help businesses and individuals combat phishing attempts, malicious…
New Phishing Attacks Abuse Webflow CDN & CAPTCHAs To Steal Credit Card Details
A recent phishing campaign has been uncovered by Netskope Threat Labs, highlighting a sophisticated technique where attackers exploit Webflow’s Content Delivery Network (CDN) and fake CAPTCHAs to steal sensitive financial information. This campaign, ongoing since the second half of 2024,…
Hackers Exploited Palo Alto’s Firewall Vulnerability to Deploy RA World Ransomware
In a significant cybersecurity breach, attackers exploited a critical vulnerability in Palo Alto Networks’ PAN-OS firewall software (CVE-2024-0012) to deploy the RA World ransomware. The attack, which occurred in late 2024, targeted a medium-sized software and services company in South…
Hackers Exploiting ThinkPHP & ownCloud Vulnerabilities at Large Scale
A recent surge in exploitation activity has been observed targeting two critical vulnerabilities, CVE-2022-47945 in ThinkPHP and CVE-2023-49103 in ownCloud. These attacks highlight the persistent threat posed by unpatched systems and the challenges organizations face in prioritizing vulnerability management. CVE-2022-47945…
Winnti Hackers Attacking Japanese Organizations With New Malware
The China-based Winnti Group has targeted Japanese organizations in the manufacturing, materials, and energy sectors in a recent cyberattack campaign known as “RevivalStone.” This campaign, confirmed in March 2024, utilizes a new version of the Winnti malware with enhanced capabilities.…
Threat Actors Exploiting DeepSeek’s Popularity To Deploy Malware
The Chinese AI startup DeepSeek has gained significant attention in the global AI market with its open-source inference model, DeepSeek-R1. This model has been touted as a more cost-effective alternative to existing AI solutions, outperforming OpenAI’s GPT-o1. However, this newfound…
Russian Hackers Leverage Weaponized Microsoft Key Management Service (KMS) To Hack Windows Systems
Russian-backed hackers, specifically the Sandworm APT group (also known as APT44 or UAC-0145), have been using weaponized Microsoft Key Management Service (KMS) activators to infiltrate Windows systems in Ukraine. This campaign, which has been active since late 2023, exploits pirated…
RedNote App Vulnerability Allows Access to User Files on iOS & Android Devices
Critical vulnerabilities were uncovered in the popular Chinese social media app RedNote (also known as XiaoHongShu), which boasts over 300 million active users globally. These security flaws, present in both Android and iOS versions, expose users’ browsing activity, device metadata,…