General Security News
-
Hackers Launch MiTM Attack to Bypass VMware Tools SAML Authentication
VMware has been reported with a SAML token signature bypass vulnerability, which a threat actor can exploit to perform VMware Guest operations....
-
Multiple Splunk Enterprise Flaws Let Attackers Execute Arbitrary Code
Splunk Enterprise has multiple vulnerabilities that can lead to Cross-site Scripting (XSS), Denial of Service (DoS), Remote code execution,...
-
Cisco BroadWorks Application Software Flaw Let Attackers conduct XSS Attack
Cisco released a fix for the medium impact vulnerability found on CommPilot Application Software, allowing cross-site scripting against the user...
-
Classiscam Scam-as-a-Service Raked $64.5 Million During the COVID-19 Pandemic
The Classiscam scam-as-a-service program has reaped the criminal actors $64.5 million in illicit earnings since its emergence in 2019. "Classiscam...
-
SapphireStealer Malware: A Gateway to Espionage and Ransomware Operations
An open-source .NET-based information stealer malware dubbed SapphireStealer is being used by multiple entities to enhance its capabilities and...
-
North Korean Hackers Deploy New Malicious Python Packages in PyPI Repository
Three additional rogue Python packages have been discovered in the Package Index (PyPI) repository as part of an ongoing malicious software supply...
-
Dismantling Qakbot Botnet – FBI’s Largest Cyber Operation Ever
Qakbot (aka QBot, Pinkslipbot) is a sophisticated banking Trojan malware that can spread through various methods. Once installed on a system,...
-
Google Chrome Security Update: High-Severity Vulnerability Patched
Google has updated the Stable and Extended Stable channels for Mac, Linux, and Windows to version 116.0.5845.140/.141 to address a security issue...
-
DarkGate Loader Delivered Through Stolen Email Threads to Lure Victims
The research revealed high malspam activity of DarkGate malware distributed via phishing emails to the users either through MSI files or VBs...
-
Hackers Can Exploit Windows Container Isolation Framework to Bypass Endpoint Security
New findings show that malicious actors could leverage a sneaky malware detection evasion technique and bypass endpoint security solutions by...
-
MMRat Android Trojan Executes Remote Financial Fraud Through Accessibility Feature
A previously undocumented Android banking trojan dubbed MMRat has been observed targeting mobile users in Southeast Asia since late June 2023 to...
-
China-Linked BadBazaar Android Spyware Targeting Signal and Telegram Users
Cybersecurity researchers have discovered malicious Android apps for Signal and Telegram distributed via the Google Play Store and Samsung Galaxy...