General Security News
-
Gaza-Linked Cyber Threat Actor Targets Israeli Energy and Defense Sectors
A Gaza-based threat actor has been linked to a series of cyber attacks aimed at Israeli private-sector energy, defense, and telecommunications...
-
North Korea's Lazarus Group Launders $900 Million in Cryptocurrency
As much as $7 billion in cryptocurrency has been illicitly laundered through cross-chain crime, with the North Korea-linked Lazarus Group linked to...
-
Chinese Hackers Target Semiconductor Firms in East Asia with Cobalt Strike
Threat actors have been observed targeting semiconductor companies in East Asia with lures masquerading as Taiwan Semiconductor Manufacturing...
-
Hackers Exploit Atlassian Confluence Zero-day Flaw to Create Admin Account
The widely adopted Atlassian Confluence has been discovered with a zero-day vulnerability, which could allow threat actors to create an admin...
-
Microsoft Office XSS Flaw Let Attackers Execute Arbitrary Code
A recently discovered vulnerability in Microsoft Office Word has raised concerns over the security of the popular productivity suite. This...
-
Top 7 REST API Security Strategies to Secure Your Endpoints
In today’s REST API-driven landscape, most APIs are REST-based and widely utilized by web applications. These APIs are like versatile tools for...
-
Supermicro's BMC Firmware Found Vulnerable to Multiple Critical Vulnerabilities
Multiple security vulnerabilities have been disclosed in the Intelligent Platform Management Interface (IPMI) firmware for Supermicro baseboard...
-
QakBot Threat Actors Still in Action, Using Ransom Knight and Remcos RAT in Latest Attacks
Despite the disruption to its infrastructure, the threat actors behind the QakBot malware have been linked to an ongoing phishing campaign since...
-
Cisco Releases Urgent Patch to Fix Critical Flaw in Emergency Responder Systems
Cisco has released updates to address a critical security flaw impacting Emergency Responder that allows unauthenticated, remote attackers to sign...
-
Hackers are Abusing Dropbox to Steal Microsoft SharePoint Credentials
A growing cyber threat involving Dropbox has emerged, and it’s raising concerns across the cybersecurity landscape. In the initial two weeks of...
-
Looney Tunables: Linux Vulnerability Lets Attackers Gain Root Privileges
A buffer overflow issue has been disclosed in the GNU C Library’s dynamic loader ld.so, which might allow local attackers to acquire root...
-
ShellTorch Flaw Exposes Thousands of AI Servers to RCE Attacks
ShellTorch Serve is an open-source model-serving library developed by PyTorch that simplifies the deployment of machine learning models for...