Your blog category
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added a critical security flaw impacting Motex Lanscope Endpoint Manager to its Known Exploited Vulnerabilities (KEV) catalog, stating it has… Read More »Critical Lanscope Endpoint Manager Bug Exploited in Ongoing Cyberattacks, CISA Confirms
E-commerce security company Sansec has warned that threat actors have begun to exploit a recently disclosed security vulnerability in Adobe Commerce and Magento Open Source platforms, with more than 250… Read More »Over 250 Magento Stores Hit Overnight as Hackers Exploit New Adobe Commerce Flaw
Cybersecurity researchers have disclosed details of a coordinated spear-phishing campaign dubbed PhantomCaptcha targeting organizations associated with Ukraine’s war relief efforts to deliver a remote access trojan that uses a WebSocket… Read More »Ukraine Aid Groups Targeted Through Fake Zoom Meetings and Weaponized PDF Files
The Iranian nation-state group known as MuddyWater has been attributed to a new campaign that has leveraged a compromised email account to distribute a backdoor called Phoenix to various organizations… Read More »Iran-Linked MuddyWater Targets 100+ Organisations in Global Espionage Campaign
Cybersecurity researchers have uncovered a new supply chain attack targeting the NuGet package manager with malicious typosquats of Nethereum, a popular Ethereum .NET integration platform, to steal victims’ cryptocurrency wallet… Read More »Fake Nethereum NuGet Package Used Homoglyph Trick to Steal Crypto Wallet Keys
Threat actors with ties to China exploited the ToolShell security vulnerability in Microsoft SharePoint to breach a telecommunications company in the Middle East after it was publicly disclosed and patched… Read More »Chinese Threat Actors Exploit ToolShell SharePoint Flaw Weeks After Microsoft’s July Patch
From Detection to Resolution: Why the Gap Persists A critical vulnerability is identified in an exposed cloud asset. Within hours, five different tools alert you about it: your vulnerability scanner,… Read More »Bridging the Remediation Gap: Introducing Pentera Resolve
The advice didn’t change for decades: use complex passwords with uppercase, lowercase, numbers, and symbols. The idea is to make passwords harder for hackers to crack via brute force methods.… Read More »Why You Should Swap Passwords for Passphrases
Cybersecurity researchers have disclosed details of a high-severity flaw impacting the popular async-tar Rust library and its forks, including tokio-tar, that could result in remote code execution under certain conditions.… Read More »TARmageddon Flaw in Async-Tar Rust Library Could Enable Remote Code Execution
Government, financial, and industrial organizations located in Asia, Africa, and Latin America are the target of a new campaign dubbed PassiveNeuron, according to findings from Kaspersky. The cyber espionage activity… Read More »Researchers Identify PassiveNeuron APT Using Neursite and NeuralExecutor Malware