Angular Expressions Vulnerability Let Attackers Gain Full System Access
A critical security vulnerability has been discovered in Angular Expressions, a standalone module for the AngularJS web framework, potentially allowing attackers to execute arbitrary code and gain full system access.
The vulnerability, identified as CVE-2024-54152,...
PoC Exploit Tool Released for Critical Windows LDAP Zero-click RCE Vulnerability
Researchers unveiled a proof-of-concept (PoC) exploit for a critical vulnerability in Windows Lightweight Directory Access Protocol (LDAP), tracked as CVE-2024-49112.
The flaw, disclosed by Microsoft on December 10, 2024, during its Patch Tuesday update, carries...
New Update – 35 Google Chrome Extensions Hacked to Inject Malicious Code
A massive phishing campaign has compromised at least 35 Google Chrome extensions, collectively used by approximately 2.6 million users, injecting malicious code to steal sensitive information from unsuspecting victims.
Early indicators suggest that the hackers...
Over 3.3M POP3/IMAP Services Running Unencrypted Without TLS Enabled
It has been discovered that over 3.3 million POP3 and a similar number of IMAP services are operating without the necessary encryption protocols, leaving usernames and passwords vulnerable to interception.
This issue, highlighted by...
Cisco Data Breach – Authenticity of 4.45GB Data Leak Confirmed
Cisco has confirmed the authenticity of a 4.45GB data leak posted online by the hacker known as IntelBroker.
The leaked files, released on December 25, 2024, via BreachForums, are part of a larger dataset...
US Treasury Department Hacked – Attackers Gained Access to Workstations
A Chinese state-sponsored hacker has successfully breached the US Treasury Department's systems, gaining access to employee workstations and unclassified documents, American officials revealed on Monday.
The intrusion occurred in early December and was disclosed in...
Oracle WebLogic Server Vulnerability Lets Attackers Compromise the Server Remotely
A vulnerability tracked as CVE-2024-21182 affects Oracle WebLogic Server versions 12.2.1.4.0 and 14.1.1.0.0. The flaw, rated with a CVSS score of 7.5 (High), allows unauthenticated attackers to compromise servers remotely via the T3...
Hackers Hijacked 16 Chrome Extensions to Inject Malicious Code
In a sophisticated cyberattack campaign that began in mid-December, hackers have compromised at least 16 Chrome browser extensions, exposing over 600,000 users to potential data theft.
The breach, which came to light through a series...
Ninth US Telecom Breached by Chinese Hackers – Texts & Calls Records Stolen
The White House has confirmed that a ninth U.S. telecommunications company has fallen victim to the 'Salt Typhoon' campaign, a sophisticated cyberattack attributed to Chinese hackers.
This breach, which has now impacted at least nine...
Volkswagen Data Breach: 800,000 Electric Car Owners’ Data Leaked
Volkswagen has inadvertently exposed the personal information of 800,000 electric vehicle owners, including their location data and contact details.
The breach, which occurred due to a misconfiguration in the systems of Cariad, VW's software subsidiary,...