The Security Blog From Gridinsoft

CVE-2025-21605 Redis Denial of Service Vulnerability

CVE-2025-21605 Redis DoS Vulnerability Discovered, Patch Now

So Redis walks into a bar and the bartender asks, “Why so bloated?” Turns out Redis has been hitting the…

WordPress Ad-Fraud Plugins and the Scallywag Operation

Cybersecurity researchers have found a large-scale ad fraud scheme called “Scallywag”. It used WordPress plugins to generate massive fraudulent ad…

MITRE Warns CVE Program Funding Expires on April 16

MITRE, a key player in cybersecurity awareness, has issued a warning about the funding for the Common Vulnerabilities and Exposures…

CVE-2025-32395 Vite Vulnerability Exposes Sensitive Files

A newly discovered vulnerability in Vite, a widely used frontend development tool, has been assigned the identifier CVE-2025-32395. This flaw affects…

Google Releases Two Android Zero-Day Fixes, Exploited in the Wild

Google addressed two critical Android zero-day vulnerabilities, identified as CVE-2024-53150 and CVE-2024-53197, through the April 2025 security update.…

Frauds Promote Trading Scam With AI Bots in YouTube Ads

Attackers use AI-generated videos featuring credible crypto experts to create…

Multiple Russia-Aligned Threat Actors Actively Targeting Signal Messenger

Signal Linked Devices Abused by Russian Intelligence

A new fraudulent campaign to hijack Signal accounts has been…

StaryDobry ruins New Year’s Eve, delivering miner instead of presents

StaryDobry Malware Hides in Pirated Games, Deploys XMRig

A major malware campaign named StaryDobry infected gamers by distributing…

Phishing Campaign Abuses Webflow, SEO, and Fake CAPTCHA

Fake CAPTCHA Abuses PDF and SEO Poisoning

Cybercrime actors misuse search ads to distribute fraudulent PDF files,…

Zimbra Releases Fixes for a Critical CVSS 9.8 SQL Injection Vulnerability

Zimbra Security Updates Fix a Critical SQL Injection Vulnerability

Zimbra has released updates that fix vulnerabilities in its products.…

Fake Google Chrome Sites Distribute ValleyRAT Malware, Using DLL Hijacking

Fake Google Chrome Downloading Sites Distribute ValleyRAT

Cybercriminals have set up fake websites mimicking Google Chrome’s official…

SVG Virus: Phishing Attacks and Malware Injection Through an Image

SVG Virus: New Phishing Tactic in Images

Security researchers have discovered a phishing campaign that is based…

Cisco Identity Services Engine Java Deserialization and Authorization Bypass Vulnerabilities Fixed, Update As Soon As Possible

Cisco Authorization Bypass Vulnerabilities Discovered

Cisco has rolled out security updates to fix two critical…

The Alarming Rise of DeepSeek Scams

The release of DeepSeek AI chatbot gave a push for…

DeepSeek AI Data Breach: Over a Million Log Entries and Sensitive Keys Exposed

DeepSeek AI Data Leaked, Exposing User Data

Wiz Research discovered a detailed DeepSeek database containing sensitive information,…

What is Jupiter Airdrop scam?

Jupiter Airdrop Scam

Jupiter Airdrop scam is an alleged crypto-airdrop campaign that promises…

Telegram Captcha Exploits PowerShell to Spread Malware

Ross Ulbricht Telegram Captcha Scams On the Rise, Beware!

A new scam campaign has been detected, using a fake…
