Your blog category
Fortra has released details of a now-patched critical security flaw impacting its FileCatalyst file transfer solution that could allow unauthenticated attackers to gain remote code execution on susceptible servers. Tracked as CVE-2024-25153,… Read More »Fortra Patches Critical RCE Vulnerability in FileCatalyst Transfer Tool
WordPress users of miniOrange’s Malware Scanner and Web Application Firewall plugins are being urged to delete them from their websites following the discovery of a critical security flaw. The flaw,… Read More »WordPress Admins Urged to Remove miniOrange Plugins Due to Critical Flaw
The Russia-linked threat actor known as APT28 has been linked to multiple ongoing phishing campaigns that employ lure documents imitating government and non-governmental organizations (NGOs) in Europe, the South Caucasus, Central Asia,… Read More »APT28 Hacker Group Targeting Europe, Americas, Asia in Widespread Phishing Scheme
Cybersecurity researchers have found a number of GitHub repositories offering cracked software that are used to deliver an information stealer called RisePro. The campaign, codenamed gitgub, includes 17 repositories associated with… Read More »Hackers Using Cracked Software on GitHub to Spread RisePro Info Stealer
A group of researchers has discovered a new data leakage attack impacting modern CPU architectures supporting speculative execution. Dubbed GhostRace (CVE-2024-2193), it is a variation of the transient execution CPU vulnerability known… Read More »GhostRace – New Data Leak Vulnerability Affects Modern CPUs
Cybersecurity researchers have found that third-party plugins available for OpenAI ChatGPT could act as a new attack surface for threat actors looking to gain unauthorized access to sensitive data. According… Read More »Third-Party ChatGPT Plugins Could Lead to Account Takeovers
Google on Thursday announced an enhanced version of Safe Browsing to provide real-time, privacy-preserving URL protection and safeguard users from visiting potentially malicious sites. “The Standard protection mode for Chrome on desktop… Read More »Google Introduces Enhanced Real-Time URL Protection for Chrome Users
Chinese users looking for legitimate software such as Notepad++ and VNote on search engines like Baidu are being targeted with malicious ads and bogus links to distribute trojanized versions of… Read More »Malicious Ads Targeting Chinese Users with Fake Notepad++ and VNote Installers
Details have been made public about a now-patched high-severity flaw in Kubernetes that could allow a malicious attacker to achieve remote code execution with elevated privileges under specific circumstances. “The… Read More »Researchers Detail Kubernetes Vulnerability That Enables Windows Node Takeover
A 34-year-old Russian-Canadian national has been sentenced to nearly four years in jail in Canada for his participation in the LockBit global ransomware operation. Mikhail Vasiliev, an Ontario resident, was originally… Read More »LockBit Ransomware Hacker Ordered to Pay $860,000 After Guilty Plea in Canada