WordPress Critical Vulnerability Fixed in Patch 6.4.2
WordPress has rolled out version 6.4.2, addressing a critical remote code execution (RCE) vulnerability. Discovered by the project’s security team, the vulnerability could potentially be exploited by threat actors to…
AeroBlade TA Spies On U.S. Aerospace Industry
Cybersecurity experts have uncovered a sophisticated cyberespionage campaign targeting a prominent U.S. aerospace organization. The threat actor, identified as AeroBlade, executed a spear phishing attack, raising serious questions about the…
Federal Agency Hacked With ColdFusion Vulnerability
A vulnerability in Adobe's ColdFusion allowed hackers to breach two public-facing servers at a federal agency. The Cybersecurity and Infrastructure Security Agency (CISA) published a report explaining the way it…
Sierra AirLink Vulnerabilities Expose Critical Infrastructure
The grand total of 21 security flaws was discovered in Sierra Wireless AirLink routers firmware. The vulnerabilities allow for remote code injection, unauthenticated access, DoS attacks, and else. As such…
Cactus Ransomware Attacks – Microsoft Alerts
Microsoft has raised the alarm about a growing wave of ransomware attacks utilizing malvertising tactics to spread Cactus ransomware. The sophisticated malware campaign hinges on deploying DanaBot as an initial…
23andMe Data Leak Exposes Nearly 7 Million Users’ Sensitive Data
Nearly 7 million clients of a genetic testing and biotechnology company 23andMe fell victim to a data leak in October. Hackers got unauthorized access and extracted profile data, affecting a…
Outlook Vulnerability Exploited by Russian Hackers
A vulnerability in Microsoft Outlook is under active exploitation – that is the worrying notification from Microsoft. World largest software developer warns about Russian state-sponsored hackers using this breach to…
Qilin Ransomware Focuses on VMware ESXi Servers
In a disturbing development, security researchers have uncovered a Linux version of the Qilin ransomware gang's encryptor, specifically tailored to target VMware ESXi servers. This encryptor is one of the…
Google Addresses Zero-Day Vulnerability in Chrome
In a recent security alert, Google has addressed a critical zero-day vulnerability in its Chrome browser and ChromeOS software, urging users to update to the latest version (119.0.6045.199). The flaw,…
Tipalti, Roblox and Twitch Hacked by ALPHV/BlackCat
On December 3, 2023, ALPHV ransomware gang claimed hacking into a fintech software provider Tipalti, Roblox and Twitch, its clients. The approach, however, appears to be unusual, as the gang…
SugarGh0st RAT Targets Uzbekistan and South Korea
A new malicious campaign employs SugarGh0st RAT to target government agencies. Artifacts in the decoy documents hint at a potential Chinese-speaking actor. SugarGh0st Uses Spear Phishing to Attack Governments Researchers…
What is Sextortion? Explanation, Signs & Ways to Avoid
Sextortion is a specific email phishing tactic that was around for quite some time. Over the last few years though its popularity skyrocketed, and some novice technologies make me concerned…
