New Fortinet VPN RCE Flaw Discovered, Patch ASAP
Fortinet has issued a warning about a recently discovered critical vulnerability in its FortiOS SSL VPN system that could be actively exploited by attackers. The vulnerability in Fortinet network security…
Shim Bootloader Vulnerability Affects Linux Systems
Researchers have identified a critical vulnerability in Shim, a widely-used Linux bootloader. This vulnerability could potentially allow attackers to execute malicious code and gain control of target systems before the…
Ov3r_Stealer Steals Crypto and Credentials, Exploits Facebook Job Ads
A new Windows malware called Ov3r_Stealer is spreading through fake Facebook job ads, according to a report by Trustwave SpiderLabs. The malware is designed to steal sensitive information and crypto…
Third Ivanti VPN Vulnerability Under Massive Exploitation
Experts have discovered a third Server Side Request Forgery (SSRF) vulnerability in Ivanti products. This is a serious security issue for corporate VPN devices. The new vulnerability allows unauthorized access…
Tax Season Scams On The Rise, Beware!
Tax season has already begun, and so did tax season scams. The IRS annually lists its top tax scams to help taxpayers protect themselves. Most tax season scams involve identity…
Docker API Vulnerability Exploited in Cryptojacking Campaign
A new campaign named "Commando Cat" uses a Docker API vulnerability. It uses Docker to gain initial access to a system and then deploys a series of malicious payloads. This…
Hewlett Packard Enterprise Hacked, Darknet Forum Sales Data
On February 1, 2024, a post on a Darknet hacker forum selling Hewlett Packard Enterprise data appeared. Threat actor known as IntelBroker claims hacking into the company’s network and grabbing…
Mastodon Vulnerability Allows for Account Takeover
A security vulnerability loophole discovered by cybersecurity experts has revealed that decentralized social network Mastodon contains a critical vulnerability. Also, the flaw could potentially allow attackers to gain unauthorized access…
Mispadu Banking Trojan Exploits SmartScreen Flaw
Recent research uncovers a new sample of Mispadu malware that uses a SmartScreen bypass flaw to integrate itself into the system. This banking trojan from 2019 uses the vulnerability discovered…
Claro Company Hit by Trigona Ransomware
Claro Company, the largest telecom operator in Central and South America, disclosed being hit by ransomware. Representatives shared this information in response to the service disruptions in several regions. From…
CrackedCantil Dropper Delivers Numerous Malware
CrackedCantil is a unique dropper malware sample that operates with a wide variety of malware families. Infecting with one may effectively mean up to five other malware types running in…
New FritzFrog Botnet Sample Exploits Log4Shell and PwnKit
Researchers detected a new sample of FritzFrog malware, that is known for creating significant botnets. The new threat sample includes the functionality to exploit flaws in network assets, including the…
