The Security Blog From Gridinsoft

New Apache Struts 2 RCE Vulnerability Discovered

New Apache Struts 2 Vulnerability Allows for RCE

A newly discovered critical security flaw in Apache Struts 2, a widely used open-source web application framework, has spurred an…

Malicious Loan Apps in Play Store Decieved 12M Users

Eighteen malicious loan apps on the Google Play Store, posing as legitimate financial services, have scammed users. They offer high-interest-rate…

PoolParty Injection Techniques Circumvent EDR Solutions

A set of process injection techniques, named PoolParty, was presented at the Black Hat Europe 2023 conference. A set of…

WordPress Critical Vulnerability Fixed in Patch 6.4.2

WordPress has rolled out version 6.4.2, addressing a critical remote code execution (RCE) vulnerability. Discovered by the project’s security team,…

AeroBlade TA Spies On U.S. Aerospace Industry

Cybersecurity experts have uncovered a sophisticated cyberespionage campaign targeting a prominent U.S. aerospace organization. The threat actor, identified as AeroBlade,…

Malicious Campaign through Google Search

Fraudsters Are Running a Malicious Advertising Campaign through Google Search

Malwarebytes, an information security company, has discovered a large malicious…

Fake app for DDoS attacks

Fake DDoS App Targets Pro-Ukrainian Hacktivists

Google Threat Analysis Group (TAG) specialists reported that the Russian-speaking…

CloudMensis Malware for macOS

CloudMensis Malware Attacks MacOS Users

ESET experts have discovered the CloudMensis malware, which is used…

phishing kit targeting PayPal

Cybersecurity Researchers Discovered a New Phishing Kit targeting PayPal Users

Akamai has identified a new phishing kit that is being…

PoC exploit for macOS

Microsoft Releases PoC Exploit to Escape MacOS Sandbox

Microsoft has detailed a recently patched vulnerability affecting Apple operating…

U2K Ransomware Strikes, Thousands Of Victims

U2K Ransomware Strikes, Thousands Of Victims

U2K ransomware, probably the rising star on the ransomware arena,…

AstraLocker and Yashma decryption tool

Emsisoft Released a Free Tool to Decrypt Data Corrupted by AstraLocker and Yashma

Emsisoft has released a free decryption tool for files affected…

TrickBot attacks Ukraine

TrickBot Hack Group Systematically Attacks Ukraine

IBM Security X-Force experts noticed that from the very beginning…

Bandai Namco Hacked, Ransomware Group Reports

Bandai Namco Hacked, ALPHV Group Claims

On Monday, June 11, 2022, the information about the cyberattack…

Conti's blockchain plans: an ominous prospect

Conti’s blockchain plans: an ominous prospect

Earlier this year, on February 22, Conti’s gang became popular…

Chinese APTs Increasingly Target Russian Organizations

Russian Organizations Under Attack By Chinese APTs

Unveiling a recent cyber saga, the experts at SentinelLabs have…

New RedAlert ransomware

New RedAlert Ransomware Targets Windows and Linux VMware ESXi Servers

Researchers have discovered a new RedAlert (aka N13V) ransomware that…

AI Assistant

Hello! 👋 How can I help you today?