Fake BianLian Ransom Claims Targeting US Firms With Physical Letters
Multiple US organizations reported receiving suspicious physical letters claiming to be from the BianLian ransomware group. These letters have been delivered via regular mail to…
Category: CyberSecurityNews
X (Twitter) Down? Massive Outage Leads to Page Load Issues
X (formerly Twitter) experienced a global outage today, March 10, 2025, leaving many users unable to access the platform. The disruption, which affected both the…
Moxa Industrial Ethernet Switches Vulnerability Let Attackers Gain Admin Access
A critical security flaw in Moxa’s PT series industrial Ethernet switches enables attackers to bypass authentication mechanisms and compromise device integrity. Tracked as CVE-2024-12297, this…
Laravel Framework Vulnerability Let Attackers Execute Malicious Java Script
A critical security vulnerability (CVE-2024-13918) in the Laravel framework allows attackers to execute arbitrary JavaScript code on websites running affected versions of the popular PHP…
Researcher Hacked Embedded Devices To Extract The Firmware
A security researcher known as newp1ayer48 has successfully demonstrated a method to extract firmware from IoT and embedded devices using direct Flash Memory dumps, providing…
Apple iOS 18.4 Beta 3 Released With New Features & Enhancements
Apple has taken another step toward the official release of iOS 18.4 by seeding the third developer beta of the update to testers late on…
North Korean Hackers Weaponizing ZIP Files To Execute Malicious PowerShell Scripts
Security researchers have identified a sophisticated attack campaign attributed to APT37, a North Korean state-sponsored hacking group also known as ScarCruft, Reaper, and Red Eyes.…
CISA Adds 3 Ivanti Endpoint Manager Vulnerabilities to Known Exploited Vulnerabilities Catalog
Today CISA added three Ivanti Endpoint Manager (EPM) vulnerabilities CVE-2024-13159, CVE-2024-13160, and CVE-2024-13161 to its Known Exploited Vulnerabilities (KEV) catalog. These absolute path traversal flaws…
CISA Adds 2 VeraCore Vulnerabilities to Known Actively Exploit Vulnerability Catalog
CISA has likely added two VeraCore vulnerabilities, CVE-2024-57968 and CVE-2025-25181, to its Known Exploited Vulnerabilities (KEV) catalog due to active exploitation by the XE Group.…
New North Korean Moonstone Sleet Employs Creative Tactics To Deploy Custom Ransomware
Cybersecurity researchers have identified a sophisticated ransomware campaign attributed to a North Korean threat actor dubbed “Moonstone Sleet.” The group has deployed an advanced custom…
1 Million Devices Infected by Malwares Hosted on GitHub, Microsoft Warns
Microsoft Threat Intelligence detected a large-scale malvertising campaign in early December 2024 that infected nearly one million devices globally in an opportunistic attack designed to…
Threat Actors Leverage YouTubers to Attack Windows Systems Via SilentCryptoMiner
Security researchers have uncovered a sophisticated malware campaign where threat actors are coercing popular YouTubers to distribute SilentCryptoMiner malware disguised as restriction bypass tools. This…