OpenWrt Vulnerability Let Attackers Inject Malicious Firmware Images
A critical vulnerability in OpenWrt's firmware upgrade system has been recently unveieled by the security researcher RyotaK from Flatt Security Inc..
The exploit, which combines a truncated SHA-256 collision with a command injection technique, could...
FBI Warns Of GenAI Abused Create Sophisticated Social Engineering Attacks
The Federal Bureau of Investigation (FBI) has issued a stark warning about the escalating use of GenAI (Generative AI) by criminals to perpetrate large-scale fraud with unusual credibility.
This alarming trend marks a significant shift...
New Red Teamers Tool to Execute System Commands Via Microsoft Teams
A groundbreaking tool has emerged in the realm of red teaming, offering a sophisticated method to execute system commands on compromised hosts through Microsoft Teams.
This innovative Command and Control (C2) infrastructure, known as convoC2,...
Authorities Dismantled 50+ Servers Used By Criminal Marketplace
Europol has recently announced the successful takedown of a sophisticated online fraud network.
The operation, spearheaded by German authorities and supported by law enforcement agencies across Europe, resulted in the seizure of over 50 servers...
U.S. Organization In China Attacked By China-Based Hackers
A large U.S. organization with significant operations in China fell victim to a sophisticated cyber attack, likely orchestrated by China-based hackers.
The intrusion, which lasted for four months from April to August 2024, allowed the...
MOONSHINE Kit Exploiting Android Messaging Apps Flaw To Inject Backdoor
A sophisticated exploit kit named MOONSHINE has been actively targeting Android messaging apps to implant backdoors on users' devices.
This toolkit, under continuous monitoring since 2019, has recently been found to have an upgraded version...
HR & IT-Related Phishing Emails Are Top-Clicked Among Phishing Email Types
Phishing emails masquerading as HR and IT-related communications are the most likely to be clicked on by employees as unveiled in a recent study, posing a significant cybersecurity risk to organizations across various industries.
The...
Cloudflare Developer Domains Abused For Cyber Attacks
Cloudflare developer domains are actively abused by the threat actors for several illicit malicious purposes, as reported by the security analysts at FORTRA.
Recent investigations have uncovered a significant surge in attacks targeting Cloudflare Pages...
New TLDs Like .shop, .top And .xyz Attracting Phishers
A significant surge in phishing attacks has been unveiled by a recent study conducted by Interisle Consulting, with a nearly 40% increase in the year ending August 2024.
The research highlights that much of this...
Apple Employee Suing Company For Monitoring Employee Personal Devices
A current Apple employee has filed a lawsuit against the Apple, accusing the company of invasive surveillance practices that extend into workers' personal lives.
The lawsuit, filed in California state court on Sunday, December 1,...
Recent Posts
CyTwist Launches Advanced Security Solution to identify AI-Driven Cyber Threats in...
CyTwist, a leader in advanced next-generation threat detection solutions, has launched its patented detection engine to combat the insidious rise of AI-generated malware.
The cybersecurity...