ASUS Router Vulnerabilities Allow Arbitrary Code Execution
ASUS, a leading networking equipment manufacturer, has issued a critical security advisory for several router models.
The company has identified injection and execution vulnerabilities in certain firmware series that could allow authenticated attackers to trigger...
Siemens UMC Vulnerability Lets Remote Attacker Execute Arbitrary Code
A critical security flaw has been discovered in Siemens' User Management Component (UMC), potentially exposing numerous industrial control systems to remote attacks.
The vulnerability, identified as CVE-2024-49775, allows unauthenticated, remote attackers to execute arbitrary...
Critical Dell Product Vulnerabilities Let Attackers Compromise Affected Systems
Dell has recently disclosed two critical security vulnerabilities affecting a wide range of its products, potentially exposing numerous systems to serious risks.
The vulnerabilities, identified as CVE-2024-37143 and CVE-2024-37144, impact various versions of Dell PowerFlex...
SAP NetWeaver Vulnerabilities Let Attackers Upload Malicious PDF Files
SAP has issued a crucial security update addressing multiple high-severity vulnerabilities in its NetWeaver Application Server for Java, specifically within the Adobe Document Services component.
The patch, released on December 10, 2024, as part...
Hackers Exploited Windows Event Logging Tool To Steal Data Secretly
Wevtutil.exe, a Windows event log utility, can be abused as a Living Off the Land binary (LOLBAS) to export logs for exfiltration, query specific event data, or clear logs.
Attackers increasingly use Living Off the Land...
Critical MediaTek Bluetooth Chipset Vulnerabilities Impacted 1.5 Billion+ Android Users
A series of security vulnerabilities have been identified in MediaTek chipsets, affecting several Android versions and other related software platforms.
MediaTek leads the market in powering Android tablets and smart-feature phones and ranks as...
North Korean Hacking Group Launches Undetected Malwareless URL Phishing Attacks
Researchers from South Korea have discovered that the notorious North Korean hacking group known as Kimsuky has adapted its phishing tactics to use malwareless phishing attacks, which evade major EDR detection.
The group, which...
“Rockstar 2FA” Phishing-as-a-Service Steals Microsoft 365 Credentials Via AiTM Attacks
Cybersecurity researchers have identified a concerning link between the advanced phishing toolkit known as 'Rockstar 2FA' and a surge in adversary-in-the-middle (AiTM) phishing attacks.
Highly advanced methods are used in these campaigns to trick people...
Critical GPU DDK Vulnerabilities Allow Attackers to Execute Arbitrary Code in Physical Memory
A significant development for the tech community is the identification of 2 critical vulnerabilities in several versions of a widely-used GPU Driver Development Kit (DDK) that affect systems using Unified Memory Architecture (UMA).
On...
Teaching AI to Hack: Researchers Demonstrate ChatGPT’s Ability to Ethically Hack Linux & Windows
In a new study released today, researchers have demonstrated the significant potential of artificial intelligence (AI) in enhancing ethical hacking practices, particularly in Linux environments.
The study, conducted by Haitham S. Al-Sinani from the...