Supply Chain Attack Leveraging Entry Points in PyPI, npm, Ruby Gems & NuGet
A sophisticated supply chain attack has been identified, leveraging entry points in popular open-source package repositories, including PyPI (Python), npm...
Read more →Category: CyberSecurityNews
CoreWarrior Malware Attacking Windows Machines With Self-replication Capabilities
Malware targeting Windows machines continues to be a significant threat. While these threats could be in various forms like viruses,...
Read more →
Popular Java Framework pac4j Vulnerable To RCE Attacks
A critical security vulnerability has been identified in the popular Java security framework, pac4j, specifically affecting versions prior to 4.0....
Read more →
North Korean Posing as Recruiters to Attack Job Seekers Device
Hackers target job seekers primarily for financial gain and to obtain sensitive personal information. Many job seekers are vulnerable due...
Read more →
Gmail Users Beware Of AI Scam Calls that Takeovers Your Gmail Account
A sophisticated new scam targeting Gmail users has emerged, using artificial intelligence to trick victims into surrendering control of their...
Read more →
Threat Actor ProKYC Selling Tools To Bypass Two-Factor Authentication
2FA enhances security by requiring two distinct forms of identification before granting access to an account or service. Though 2FA...
Read more →
Apache Roller CSRF Vulnerability Let Attackers Escalate privileges
The Apache Roller team revealed a critical security update addressing a Cross-Site Request Forgery (CSRF) vulnerability that could allow attackers...
Read more →
Critical Zendesk Email Spoofing Flaw Let Attackers Gain Access To Support Tickets
A severe vulnerability in Zendesk, a widely used customer service tool, has been exposed, allowing attackers to gain unauthorized access...
Read more →
GitHub Enterprise Server Vulnerability Allows Authentication Bypass
A critical vulnerability has been identified in GitHub Enterprise Server, posing significant security risks by allowing attackers to bypass authentication...
Read more →
87,000+ FortiOS Devices Vulnerable to Remote Code Execution Attacks
A critical security vulnerability affecting over 87,000 FortiOS devices has been discovered, leaving them exposed to potential remote code execution...
Read more →
Cyber Security News Letter(Weekly) – Data Breaches, Vulnerability, Cyber Attack & Other Stories
Welcome to this week’s Cybersecurity Newsletter, bringing you the latest updates and insights from the world of cybersecurity. Stay informed...
Read more →
HashiCorp Cloud Vault Vulnerability Let Attackers Escalate Privileges
HashiCorp, a leading provider of cloud infrastructure automation software, has disclosed a critical security vulnerability in its Vault secret management...
Read more →