Webmin RCE Vulnerability Let Attackers Execute Arbitrary Code & Gain Server Control
Webmin, the popular web-based system administration tool, has been found to contain a critical security vulnerability that could allow attackers to seize control of servers. The vulnerability, identified as CVE-2024-12828, has been assigned a...
Microsoft Warns of Windows 11 24H2 Bug Blocks Security Updates
Microsoft has alerted users to a critical bug affecting the Windows 11 24H2 update, which could potentially leave systems vulnerable to security threats.
The issue, identified on December 24, 2024, specifically impacts installations performed using...
Hackers Hijacked 16 Chrome Extensions to Inject Malicious Code
In a sophisticated cyberattack campaign that began in mid-December, hackers have compromised at least 16 Chrome browser extensions, exposing over 600,000 users to potential data theft.
The breach, which came to light through a series...
Ninth US Telecom Breached by Chinese Hackers – Texts & Calls Records Stolen
The White House has confirmed that a ninth U.S. telecommunications company has fallen victim to the 'Salt Typhoon' campaign, a sophisticated cyberattack attributed to Chinese hackers.
This breach, which has now impacted at least nine...
Volkswagen Data Breach: 800,000 Electric Car Owners’ Data Leaked
Volkswagen has inadvertently exposed the personal information of 800,000 electric vehicle owners, including their location data and contact details.
The breach, which occurred due to a misconfiguration in the systems of Cariad, VW's software subsidiary,...
Cyberhaven Chrome Extension Hacked to Inject Malicious Scripts
Cyberhaven, a leading provider of data loss prevention (DLP) solutions, disclosed a significant security breach involving its Chrome extension.
On December 24, 2024, a targeted cyberattack compromised an administrator account, allowing attackers to publish a...
Palo Alto Networks Firewall Vulnerability “CVE-2024-3393” Exploited in the Wild
Palo Alto Networks has disclosed a high-severity vulnerability, CVE-2024-3393, in its PAN-OS software that powers its next-generation firewalls.
The flaw allows unauthenticated attackers to exploit the DNS Security feature by sending specially crafted DNS packets,...
D-Link Routers Under Attack – Botnet Exploiting Devices to Gain Full Remote Control
A surge in cyberattacks leveraging legacy vulnerabilities in D-Link routers has been detected, with two botnets, FICORA and CAPSAICIN, actively exploiting these weaknesses.
Researchers at Fortinet’s FortiGuard Labs observed a spike in activity from...
New Sophisticated Attack Weaponizes Windows Defender to Bypass EDR
A sophisticated attack technique that weaponizes Windows Defender Application Control (WDAC) to disable Endpoint Detection and Response (EDR) sensors on Windows machines.
WDAC, a technology introduced with Windows 10 and Windows Server 2016, was designed...
Apache Traffic Control Vulnerability Let Attackers Inject Malicious SQL Commands
A critical SQL injection vulnerability, identified as CVE-2024-45387, has been discovered in Apache Traffic Control, a widely used open-source platform for managing large-scale content delivery networks (CDNs).
This vulnerability affects versions 8.0.0 through 8.0.1 of...
Recent Posts
CyTwist Launches Advanced Security Solution to identify AI-Driven Cyber Threats in...
CyTwist, a leader in advanced next-generation threat detection solutions, has launched its patented detection engine to combat the insidious rise of AI-generated malware.
The cybersecurity...