The BADBOX botnet, a sophisticated cybercriminal operation, has compromised approximately 74,000 devices, including Android TV boxes, smartphones, and other electronics. This malware is pre-installed on…
The notorious hacker IntelBroker has leaked 2.9GB of data allegedly stolen from Cisco’s DevHub environment. This partial leak, disclosed on December 16, 2024, is part…
A sophisticated cyber espionage campaign leveraging red team tools to exploit Remote Desktop Protocol (RDP) servers has been uncovered, with the threat actor Earth Koshchei…
Two critical vulnerabilities have been discovered in Apache Tomcat, the popular open-source web server, and servlet container, potentially allowing attackers to execute remote code and…
With critical SAP vulnerabilities being weaponized within 72 hours of a patch release, and unprotected SAP applications provisioned in cloud environments being discovered and compromised…
A sophisticated phishing campaign exploiting fake Microsoft SharePoint notifications to distribute the Xloader malware. This malicious operation, recently intercepted by Sublime Security, highlights the growing…
Google Calendar, with over 500 million active users worldwide and availability in 41 languages, has long been celebrated for its efficiency in organizing schedules and…
Google’s Mandiant FLARE team has unveiled XRefer, a cutting-edge tool designed to streamline the complex process of malware analysis. This innovative plugin for IDA Pro…
The Cybersecurity and Infrastructure Security Agency (CISA) has released Binding Operational Directive (BOD) 25-01, mandating federal civilian agencies to enhance the security of their Microsoft…
The AhnLab Security Intelligence Center (ASEC) has uncovered a new strain of DDoS malware, named cShell, targeting poorly managed Linux SSH servers (screen and hping3).…
A critical security vulnerability has been identified in Apache Struts, a popular open-source framework for building Java-based web applications actively used in attacks leveraging publish…
The Federal Bureau of Investigation (FBI) has issued a Private Industry Notification (PIN) alerting cybersecurity professionals and system administrators about a new threat targeting web…
