Hackers Weaponizing Shortcut Files With Zero-day Tricks To Attack Windows Users
Hackers weaponize shortcut files because they are an inconspicuous way to execute malicious code on a target system.
These files can be disguised as harmless icons but actually contain commands that, when clicked, launch harmful...
.webp?w=324&resize=324,235&ssl=1 "Huge Surge in Attacks Exploiting Check Point VPN Zero-Day Vulnerability")
Huge Surge in Attacks Exploiting Check Point VPN Zero-Day Vulnerability
Check Point published an advisory regarding a critical vulnerability, CVE-2024-24919, which has since seen a surge in exploitation attempts.
The vulnerability, rated with a CVSS score of 8.6, allows attackers to access sensitive information on...
.webp?w=324&resize=324,235&ssl=1 "13,800+ Internet-Exposed Check Point Gateways Vulnerable To 0-Day Attacks: Poc Released")
13,800+ Internet-Exposed Check Point Gateways Vulnerable To 0-Day Attacks: Poc Released
A critical zero-day vulnerability, CVE-2024-24919, has been discovered in Check Point Security Gateways, enabling the IPSec VPN or Mobile Access blades.
This vulnerability is actively exploited in the wild, posing a significant threat to...
.webp?w=324&resize=324,235&ssl=1 "Beware! Threat Actor Selling Outlook RCE 0-Day on Hacking Forums")
Beware! Threat Actor Selling Outlook RCE 0-Day on Hacking Forums
A new threat has emerged on the darker corners of the internet.
A threat actor has reportedly put up for sale a Remote Code Execution (RCE) 0-day exploit targeting various versions of Microsoft Outlook,...
.webp?w=324&resize=324,235&ssl=1 "Critical OpenVPN Zero-Day Flaws Affecting Millions of Endpoints Across the Globe")
Critical OpenVPN Zero-Day Flaws Affecting Millions of Endpoints Across the Globe
Security researchers have uncovered four zero-day vulnerabilities within OpenVPN, the world's leading VPN solution.
These vulnerabilities pose significant threats to millions of devices globally.
These vulnerabilities, identified by the internal codename OVPNX, affect a wide...
ArcaneDoor Hackers Who Exploited Cisco Firewall Zero-Days Linked To China
Hackers target Cisco Firewalls due to their widespread use and the potential to exploit vulnerabilities to gain unauthorized access, steal data, and launch cyber attacks.
Cisco Talos recently reported on a global campaign dubbed...
CrushFTP Zero-Day Could Allow Attackers To Gain Complete Server Access
CrushFTP disclosed a zero-day vulnerability (CVE-2024-4040) affecting versions below 10.7.1 and 11.1.0. The vulnerability allows remote attackers with low privileges to bypass the VFS sandbox and read arbitrary files on the underlying filesystem.
It could...
$30 Million Bounty Rewards For Android, iOS, & Chrome Zero-day
This year, Crowdfense is expanding its scope to encompass additional major research fields like Enterprise Software, WiFi/Baseband, and Messengers and is proposing a larger 30 million USD acquisition program.
Crowdfense is the world's premier research...
Lazarus Hackers Exploited Windows kernel 0-day In The Wild
The Lazarus threat group has been exploiting a Microsoft vulnerability associated with Windows Kernel Privilege Escalation to establish a kernel-level read/write primitive.
This vulnerability was previously unknown which exists in the appid.sys AppLocker driver.
This...
Hackers launched 250,000+ Attacks to Exploit Ivanti VPN 0-Day
Ivanti Connect Secure vulnerabilities were disclosed in January 2024 as a potential gateway for threat actors to penetrate corporate networks.
The two vulnerabilities, CVE-2023-46805 and CVE-2024-21887 were associated with authentication bypass and arbitrary command...
Recent Posts
CyTwist Launches Advanced Security Solution to identify AI-Driven Cyber Threats in...
CyTwist, a leader in advanced next-generation threat detection solutions, has launched its patented detection engine to combat the insidious rise of AI-generated malware.
The cybersecurity...