Threat Actors Allegedly Claim Access to Nokia’s Internal Network
A threat actor, Tsar0Byte, allegedly claimed to have breached the company’s internal network through a vulnerable third-party link, exposing sensitive data belonging to more than…
Category: CyberSecurityNews
Palo Alto Networks to Acquire CyberArk in $25 Billion Deal
Palo Alto Networks, a leader in cybersecurity, announced today that it has agreed to buy CyberArk, a company known for identity security, for about $25…
Threat Actors Weaponize LNK Files With New REMCOS Variant That Bypasses AV Engines
Cybercriminals are increasingly leveraging malicious Windows Shortcut (LNK) files to deploy sophisticated backdoors, with a new campaign delivering an advanced REMCOS variant that successfully evades…
WordPress Theme RCE Vulnerability Actively Exploited to Take Full Site Control
A critical remote code execution (RCE) vulnerability in the popular “Alone” WordPress theme is being actively exploited by attackers to gain complete control of vulnerable…
Critical SonicWall SSL VPN Vulnerability Let Attackers Trigger DoS Attack
A critical vulnerability in SonicWall Gen7 firewall products could allow remote unauthenticated attackers to cause service disruptions through denial-of-service (DoS) attacks. The format string vulnerability…
BeyondTrust Privilege Management for Windows Vulnerability Let Attackers Escalate Privileges
A significant security vulnerability has been discovered in BeyondTrust’s Privilege Management for Windows solution, allowing local authenticated attackers to escalate their privileges to the administrator…
Lumma Password Stealer Attack Infection Chain and Its Escalation Tactics Uncovered
The cybersecurity landscape has witnessed a significant surge in information-stealing malware, with Lumma emerging as one of the most prevalent and sophisticated threats targeting Windows…
Global Authorities Share IoCs and TTPs of Scattered Spider Behind Major ESXi Ransomware Attacks
Joint international advisory warns of evolving social engineering tactics and new DragonForce ransomware deployment targeting commercial facilities A collaboration of international cybersecurity agencies issued an…
ChatGPT Agent Bypasses Cloudflare “I am not a robot” Verification Checks
ChatGPT agents demonstrate the ability to autonomously bypass Cloudflare’s CAPTCHA verification systems, specifically the ubiquitous “I am not a robot” checkbox. This development, first documented…
Microsoft Details Defence Techniques Against Indirect Prompt Injection Attacks
Microsoft has unveiled a comprehensive defense-in-depth strategy to combat indirect prompt injection attacks, one of the most significant security threats facing large language model (LLM)…
Hackers Exploiting SAP NetWeaver Vulnerability to Deploy Auto-Color Linux Malware
A sophisticated cyberattack targeting a US-based chemicals company has revealed the first observed pairing of SAP NetWeaver exploitation with Auto-Color malware, demonstrating how threat actors…
How Simple Prompts Can Lead to Major Breaches
Enterprise applications integrating Large Language Models (LLMs) face unprecedented security vulnerabilities that can be exploited through deceptively simple prompt injection attacks. Recent security assessments reveal…