General Security News
-
650,000+ Malicious Domains Registered Resembling ChatGPT
Hackers abuse the ChatGPT name for malicious domains to exploit the credibility associated with the ChatGPT model, deceiving users into trusting...
-
New Variant of DLL Search Order Hijacking Bypasses Windows 10 and 11 Protections
Security researchers have detailed a new variant of a dynamic link library (DLL) search order hijacking technique that could be used by threat...
-
New Terrapin Flaw Could Let Attackers Downgrade SSH Protocol Security
Security researchers from Ruhr University Bochum have discovered a vulnerability in the Secure Shell (SSH) cryptographic network protocol that...
-
New Medusa Stealer Attacking Users to Steal Login Credentials
While the world celebrated Christmas, the cybercrime underworld feasted on a different kind of treat: the release of Meduza 2.2, a significantly...
-
New JinxLoader Targeting Users with Formbook and XLoader Malware
A new Go-based malware loader called JinxLoader is being used by threat actors to deliver next-stage payloads such as Formbook and its successor...
-
Beware: Scam-as-a-Service Aiding Cybercriminals in Crypto Wallet-Draining Attacks
Cybersecurity researchers are warning about an increase in phishing attacks that are capable of draining cryptocurrency wallets. "These threats are...
-
Albanian Parliament and One Albania Telecom Hit by Cyber Attacks
The Assembly of the Republic of Albania and telecom company One Albania have been targeted by cyber attacks, the country’s National Authority for...
-
Chinese Hackers Exploit New Zero-Day in Barracuda’s ESG to Deploy Backdoor
Barracuda Email Security Gateway (ESG) Appliance has been discovered with an Arbitrary code Execution vulnerability exploited by a China Nexus...
-
Operation Triangulation: 0-click Attack Chained With 4 Zero-Days to Hack iPhones
Hackers exploit Zero-Days because these vulnerabilities are unknown to software developers, making them valuable for launching attacks before...
-
Critical Apache OfBiz Zero-Day Let Attackers Bypass Authentication
A new vulnerability has been discovered in Apache OfBiz, an open-source Enterprise Resource Planning (ERP) system. Apache OfBiz is used as a...
-
Microsoft Disables MSIX App Installer Protocol Widely Used in Malware Attacks
Microsoft on Thursday said it’s once again disabling the ms-appinstaller protocol handler by default following its abuse by multiple threat actors...
-
Google Cloud Resolves Privilege Escalation Flaw Impacting Kubernetes Service
Google Cloud has addressed a medium-severity security flaw in its platform that could be abused by an attacker who already has access to a...