The Security Blog From Gridinsoft

Vulnerability in Vite Tool Allows for Arbitrary File Read, Install Updates Now

CVE-2025-32395 Vite Vulnerability Exposes Sensitive Files

A newly discovered Vite vulnerability, a widely used frontend development tool, has been assigned the identifier CVE-2025-32395. This flaw affects…

Google Releases Two Android Zero-Day Fixes, Exploited in the Wild

Google addressed two critical Android zero-day vulnerabilities in Android, identified as CVE-2024-53150 and CVE-2024-53197, through the April 2025 security update.…

Urgent Reminder Tax Scam

The “Urgent reminder” tax scam is a yearly phishing effort designed to steal Microsoft account details by exploiting tax season…

Samsung Tickets Data Leak

The Samsung tickets data leak involves a breach affecting Samsung Germany customer support system, managed through samsung-shop.spectos.com, operated by Spectos…

Oracle Cloud Breach Plausible, Experts Research Confirms

Recent reports indicate a potential major security incident involving Oracle Cloud, detected on March 21, 2025. Researchers claim a threat…

What is Jupiter Airdrop scam?

Jupiter Airdrop Scam

Jupiter Airdrop scam is an alleged crypto-airdrop campaign that promises…

Telegram Captcha Exploits PowerShell to Spread Malware

Ross Ulbricht Telegram Captcha Scams On the Rise, Beware!

A new scam campaign has been detected, using a fake…

0-Click Cloudflare Deanonymization Attack Exploits Telegram, Signal, Discord And Other Apps

0-Click Cloudflare Deanonymization Vulnerability Discovered

A young security researcher has found a vulnerability in Cloudflare’s…

Zero-Click Exploit Targeting Samsung S23 and S24 Smartphones Discovered, Patch Now

Samsung Zero-Click Vulnerability Discovered, Update Now

Google Project Zero researcher reports on a Samsung zero-click vulnerability…

GayFemboy Mirai-Based Botnet Attacks Routers Through The Four-Faith Vulnerability

New Mirai Based Botnet Exploits Four-Faith Vulnerability

Researchers detected another IoT botnet based off of Mirai malware…

25 Chrome Extensions Hacked, Leaking Credentials of Over 2 Million Users

25 Chrome Extensions Compromised, Exposing 2M+ Users

A targeted attack on Chrome extensions publishers compromised the add-ons…

CVSS 9.9 Vulnerability in Apache Traffic Control Fixed, Update ASAP

Apache Traffic Control Critical SQLi Vulnerability Fixed

Apache Traffic Control platform got a critical security patch that…

LockBit 4.0 Ransomware Released, Launches Affiliate Hiring Campaign

Lockbit 4.0 Released, With New Infrastructure and Features

Lockbit ransomware group steps up with a new version of…

LockBit Ransomware Developer Arrested and Extradicted in Israel

LockBit Ransomware Developer Arrested and Extradicted in Israel

US authorities have detained a developer associated with the LockBit…

BeyondTrust Critical Flaw Actively Exploited, CISA Warns

BeyondTrust Remote Access Vulnerability Exploited, Update Now

BeyondTrust’s Privileged Remote Access (PRA) and Remote Support (RS) solutions…

Ledger wallet owners have been targeted by attackers, again

New Ledger Phishing Campaign Targets Recovery Phrases

Owners of popular hardware cryptocurrency wallets Ledger have become the…

Cleo File Transfer Vulnerabilities Are A New Ransomware Attack Vector

Cleo File Transfer Vulnerabilities Exploited by Cl0p Ransomware

Recent cybersecurity incidents have exposed critical vulnerabilities in Cleo’s file…

AI Assistant

Hello! 👋 How can I help you today?