European Space Agency’s official store hacked to steal payment cards
European Space Agency’s official web shop was hacked as it started to load a piece of JavaScript code that generates a fake Stripe payment page…
Author: Cybernoz
Adobe is aware that ColdFusion bug CVE-2024-53961 has a known PoC exploit code
Adobe is aware that ColdFusion bug CVE-2024-53961 has a known PoC exploit code Pierluigi Paganini December 24, 2024 Adobe released out-of-band security updates to address a…
Python Malware in Zebo-0.1.0 and Cometlogger-0.1 Found Stealing User Data
KEY SUMMARY POINTs from the article Malicious Packages Identified: Zebo-0.1.0 and Cometlogger-0.1 are malicious Python packages discovered on PyPI. Sensitive Data Theft: These packages steal…
American Airlines shutdown not because of Cyber Attack
On the eve of Christmas 2024, many Americans will be traveling to visit loved ones and attend church services to celebrate the holiday, expressing gratitude…
Apache HugeGraph-Server Vulnerability Lets Attackers Bypass Authentication
A new security vulnerability, CVE-2024-43441, has been identified in Apache HugeGraph-Server, a widely used open-source graph database system. This flaw, classified as an Authentication Bypass…
Clop ransomware is now extorting 66 Cleo data-theft victims
The Clop ransomware gang started to extort victims of its Cleo data theft attacks and announced on its dark web portal that 66 companies have 48 hours to…
OilRig Hackers Exploiting Windows Kernel 0-day to Attack Organizations
The Iranian state-sponsored hacking group OilRig, also known as APT34, has intensified its cyber espionage activities, targeting critical infrastructure and government entities in the United…
FBI links North Korean hackers to $308 million crypto heist
The North Korean hacker group ‘TraderTraitor’ stole $308 million worth of cryptocurrency in the attack on the Japanese exchange DMM Bitcoin in May. In a short…
Researchers Uncover PyPI Packages Stealing Keystrokes and Hijacking Social Accounts
Dec 24, 2024Ravie LakshmananMalware / Data Exfiltration Cybersecurity researchers have flagged two malicious packages that were uploaded to the Python Package Index (PyPI) repository and…
Clop ransomware threatens 66 Cleo attack victims with data leak
The Clop ransomware gang started to extort victims of its Cleo data theft attacks and announced on its dark web portal that 66 companies have 48 hours to…
Two New Malicious PyPI packages Attacking Users to Steal Login Details
Two malicious Python Package Index (PyPI) packages: Zebo-0.1.0 and Cometlogger-0.1, have been identified, posing a significant threat to user security. These packages, uploaded in November 2024, exploit…
Adobe ColdFusion Vulnerability Let Attackers Read arbitrary files
Adobe has issued updates to address a vulnerability in its ColdFusion software that could allow attackers to read arbitrary files from affected systems. The flaw,…