Category: CyberSecurityNews

PayPal Hit With $2 Million Fine For Cybersecurity Failures 
24
Jan
2025

PayPal Hit With $2 Million Fine For Cybersecurity Failures 

The New York State Department of Financial Services (NYDFS) has imposed a $2 million fine on PayPal, Inc. for violations…

370+ Ivanti Connect Secure Exploiting Using 0-day Vulnerability (CVE-2025-0282)
24
Jan
2025

370+ Ivanti Connect Secure Exploiting Using 0-day Vulnerability (CVE-2025-0282)

Over 379 Ivanti Connect Secure (ICS) devices were found to be backdoored following the exploitation of a critical zero-day vulnerability,…

New Ransomware Attacking VMware ESXi Hosts Via SSH Tunneling to Evade Detection
24
Jan
2025

New Ransomware Attacking VMware ESXi Hosts Via SSH Tunneling to Evade Detection

New ransomware strains are quietly infiltrating VMware ESXi hosts by setting up SSH tunnels and concealing malicious traffic within legitimate…

phpMyAdmin Vulnerability Let Hackers Trigger XSS Attack With Malicious Tables
24
Jan
2025

phpMyAdmin Vulnerability Let Hackers Trigger XSS Attack With Malicious Tables

A moderate-severity Cross-Site Scripting (XSS) vulnerability has been identified in phpMyAdmin, a widely used open-source tool for managing MySQL databases. …

Bypassing EDR Detection by Exploiting Hardware Breakpoints at CPU Level
24
Jan
2025

Bypassing EDR Detection by Exploiting Hardware Breakpoints at CPU Level

Adversaries continue to innovate methods to bypass Endpoint Detection and Response (EDR) systems. An exceptionally sophisticated approach involves leveraging hardware…

North Korean IT Workers Demands Ransomware By Stealing Companies Source Codes 
24
Jan
2025

North Korean IT Workers Demands Ransomware By Stealing Companies Source Codes 

North Korean IT workers masquerading as remote workers have been breaking into Western companies, stealing confidential source codes, and requesting…

Critical SonicWall Vulnerability Exploited In Attacks Execute Arbitrary OS Commands 
23
Jan
2025

Critical SonicWall Vulnerability Exploited In Attacks Execute Arbitrary OS Commands 

A critical security vulnerability, tracked as CVE-2025-23006, has been identified in SonicWall’s SMA1000 Appliance Management Console (AMC) and Central Management…

Nnice Ransomware Attacking Windows Systems With Advanced Encryption Techniques
23
Jan
2025

Nnice Ransomware Attacking Windows Systems With Advanced Encryption Techniques

A new ransomware strain called Nnice has emerged as a significant threat to Windows systems, employing sophisticated encryption techniques and…

Next.js Framework Exposes Websites To Cache Poisoning & XSS Attacks
23
Jan
2025

Next.js Framework Exposes Websites To Cache Poisoning & XSS Attacks

A critical vulnerability, identified as CVE-2024-46982, has been discovered in the popular Next.js framework, widely used for building full-stack web…

Researcher Jailbreaking an AI's System Prompt Through Creativity
23
Jan
2025

Researcher Jailbreaking an AI’s System Prompt Through Creativity

In a remarkable display of creativity, a researcher showcased how an artificial intelligence (AI) system’s tightly guarded “system prompt” could…

Rails Apps File Write Vulnerability Let Attackers Execute Code Remotely
23
Jan
2025

Rails Apps File Write Vulnerability Let Attackers Execute Code Remotely

Researchers uncovered a critical security vulnerability in Rails applications that leverages the Bootsnap caching library. This exploit allows attackers to achieve…

Open-Source ClamAV Releases Critical Security Patch Updates – What’s Inside!
23
Jan
2025

Open-Source ClamAV Releases Critical Security Patch Updates – What’s Inside!

The ClamAV team has announced the release of security patch updates for ClamAV versions 1.4.2 and 1.0.8. These updates address…