The Security Blog From Gridinsoft

Urgent Reminder Tax Scam: Malicioius QR Codes in Emails Ahead of Tax Deadline

Urgent Reminder Tax Scam

The “Urgent reminder” tax scam is a yearly phishing effort designed to steal Microsoft account details by exploiting tax season…

Samsung Tickets Data Leak

The Samsung tickets data leak involves a breach affecting Samsung Germany customer support system, managed through samsung-shop.spectos.com, operated by Spectos…

Oracle Cloud Breach Plausible, Experts Research Confirms

Recent reports indicate a potential major security incident involving Oracle Cloud, detected on March 21, 2025. Researchers claim a threat…

CrushFTP’s Unauthenticated Access Flaw Discovered

CrushFTP has warned users to patch an unauthenticated access flaw immediately, affecting all v11 versions. The vulnerability enables attackers to…

FBI Issues Online File Converter Malware Scam Warning

The FBI Denver Field Office has warned about a growing scam involving free online file converter tools, which appears to…

0-Click Cloudflare Deanonymization Attack Exploits Telegram, Signal, Discord And Other Apps

0-Click Cloudflare Deanonymization Vulnerability Discovered

A young security researcher has found a vulnerability in Cloudflare’s…

Zero-Click Exploit Targeting Samsung S23 and S24 Smartphones Discovered, Patch Now

Samsung Zero-Click Vulnerability Discovered, Update Now

Google Project Zero researcher reports on a Samsung zero-click vulnerability…

GayFemboy Mirai-Based Botnet Attacks Routers Through The Four-Faith Vulnerability

New Mirai Based Botnet Exploits Four-Faith Vulnerability

Researchers detected another IoT botnet based off of Mirai malware…

25 Chrome Extensions Hacked, Leaking Credentials of Over 2 Million Users

25 Chrome Extensions Compromised, Exposing 2M+ Users

A targeted attack on Chrome extensions publishers compromised the add-ons…

CVSS 9.9 Vulnerability in Apache Traffic Control Fixed, Update ASAP

Apache Traffic Control Critical SQLi Vulnerability Fixed

Apache Traffic Control platform got a critical security patch that…

LockBit 4.0 Ransomware Released, Launches Affiliate Hiring Campaign

Lockbit 4.0 Released, With New Infrastructure and Features

Lockbit ransomware group steps up with a new version of…

LockBit Ransomware Developer Arrested and Extradicted in Israel

LockBit Ransomware Developer Arrested and Extradicted in Israel

US authorities have detained a developer associated with the LockBit…

BeyondTrust Critical Flaw Actively Exploited, CISA Warns

BeyondTrust Remote Access Vulnerability Exploited, Update Now

BeyondTrust’s Privileged Remote Access (PRA) and Remote Support (RS) solutions…

Ledger wallet owners have been targeted by attackers, again

New Ledger Phishing Campaign Targets Recovery Phrases

Owners of popular hardware cryptocurrency wallets Ledger have become the…

Cleo File Transfer Vulnerabilities Are A New Ransomware Attack Vector

Cleo File Transfer Vulnerabilities Exploited by Cl0p Ransomware

Recent cybersecurity incidents have exposed critical vulnerabilities in Cleo’s file…

Aiocpa PyPI Package Targets Crypto Wallets

Aiocpa PyPI Package Targets Crypto Wallets

A malicious package named aiocpa was identified on the Python…

Critical Ivanti CSA Authentication Bypass (CVE-2024-11639) Patched Alongside Other Severe Flaws

Ivanti Fixes Authentication Bypass Vulnerability, Patch Now

Ivanti has alerted its customers to a critical authentication bypass…

AI Assistant

Hello! 👋 How can I help you today?