General Security News
-
Nmap 7.94 Released: What’s New!
The latest version of Nmap, 7.94, was released on its 26th birthday. The most significant upgrade was the migration of Zenmap and Ndiff from...
-
CISA: Notorious Chisel Android Malware Steals Data and Monitors Traffic
With the rise of new technological innovations and security mechanisms, threat actors are also upgrading their skills and evolving rapidly. These...
-
Promptmap – Tool to Test Prompt Injection Attacks on ChatGPT Instances
Prompt injection refers to a technique where users input specific prompts or instructions to influence the responses generated by a language model...
-
Beware of MalDoc in PDF: A New Polyglot Attack Allowing Attackers to Evade Antivirus
Cybersecurity researchers have called attention to a new antivirus evasion technique that involves embedding a malicious Microsoft Word file into a...
-
PoC Exploit Released for Critical VMware Aria's SSH Auth Bypass Vulnerability
Proof-of-concept (PoC) exploit code has been made available for a recently disclosed and patched critical flaw impacting VMware Aria Operations for...
-
Okta Warns of Social Engineering Attacks Targeting Super Administrator Privileges
Identity services provider Okta on Friday warned of social engineering attacks orchestrated by threat actors to obtain elevated administrator...
-
Hackers Launch MiTM Attack to Bypass VMware Tools SAML Authentication
VMware has been reported to have a SAML token signature bypass vulnerability, which a threat actor can exploit to perform VMware Guest operations....
-
Multiple Splunk Enterprise Flaws Let Attackers Execute Arbitrary Code
Splunk Enterprise has multiple vulnerabilities that can lead to Cross-site Scripting (XSS), Denial of Service (DoS), Remote code execution,...
-
Cisco BroadWorks Application Software Flaw Let Attackers Conduct XSS Attack
Cisco released a fix for the medium impact vulnerability found on CommPilot Application Software, allowing cross-site scripting against the user...
-
Classiscam Scam-as-a-Service Raked $64.5 Million During the COVID-19 Pandemic
The Classiscam scam-as-a-service program has reaped the criminal actors $64.5 million in illicit earnings since its emergence in 2019. "Classiscam...
-
SapphireStealer Malware: A Gateway to Espionage and Ransomware Operations
An open-source .NET-based information stealer malware dubbed SapphireStealer is being used by multiple entities to enhance its capabilities and...
-
North Korean Hackers Deploy New Malicious Python Packages in PyPI Repository
Three additional rogue Python packages have been discovered in the Package Index (PyPI) repository as part of an ongoing malicious software supply...