Browsing Category
Data Breaches
457 posts
Your blog category
Microsoft Releases Urgent Patch for SharePoint RCE Flaw Exploited in Ongoing Cyber Attacks
Microsoft on Sunday released security patches for an actively exploited security flaw in SharePoint and also disclosed details…
Hard-Coded Credentials Found in HPE Instant On Devices Allow Admin Access
Hewlett-Packard Enterprise (HPE) has released security updates to address a critical security flaw affecting Instant On Access Points…
Critical Unpatched SharePoint Zero-Day Actively Exploited, Breaches 75+ Company Servers
A critical security vulnerability in Microsoft SharePoint Server has been weaponized as part of an “active, large-scale” exploitation…
Malware Injected into 5 npm Packages After Maintainer Tokens Stolen in Phishing Attack
Cybersecurity researchers have alerted to a supply chain attack that has targeted popular npm packages via a phishing…
Hackers Exploit Critical CrushFTP Flaw to Gain Admin Access on Unpatched Servers
A newly disclosed critical security flaw in CrushFTP has come under active exploitation in the wild. Assigned the…
China’s Massistant Tool Secretly Extracts SMS, GPS Data, and Images From Confiscated Phones
Cybersecurity researchers have shed light on a mobile forensics tool called Massistant that’s used by law enforcement authorities…
UNG0002 Group Hits China, Hong Kong, Pakistan Using LNK Files and RATs in Twin Campaigns
Multiple sectors in China, Hong Kong, and Pakistan have become the target of a threat activity cluster tracked…
Ivanti Zero-Days Exploited to Drop MDifyLoader and Launch In-Memory Cobalt Strike Attacks
Cybersecurity researchers have disclosed details of a new malware called MDifyLoader that has been observed in conjunction with…
Critical NVIDIA Container Toolkit Flaw Allows Privilege Escalation on AI Cloud Services
Cybersecurity researchers have disclosed a critical container escape vulnerability in the NVIDIA Container Toolkit that could pose a…
CERT-UA Discovers LAMEHUG Malware Linked to APT28, Using LLM for Phishing Campaign
The Computer Emergency Response Team of Ukraine (CERT-UA) has disclosed details of a phishing campaign that’s designed to…