Researchers uncovered new security vulnerabilities in the Azure Data Factory Apache Airflow integration dubbed “Dirty DAG”, which allow attackers to get unauthorized write permissions to…
A critical Remote Code Execution (RCE) vulnerability (CVE-2024-6386), affecting over 1,000,000 active installations of the WordPress Multilingual Plugin (WPML). This flaw, stemming from a Server-Side…
Securonix Threat Research team has uncovered a sophisticated tax-related phishing campaign that employs Microsoft Common Console Document (MSC) files and advanced obfuscation techniques to deliver…
In a striking display of cyber sophistication, the advanced persistent threat (APT) group Earth Koshchei, also tracked as APT29 or Midnight Blizzard, has been linked…
Researchers have identified a critical set of HTTP Response Splitting vulnerabilities in Kerio Control, a widely used Unified Threat Management (UTM) solution developed by GFI…
Cisco has announced its acquisition of the threat detection company SnapAttack. This acquisition aims to supercharge Cisco’s ever-expanding security portfolio, particularly by enhancing Splunk—Cisco’s leading Security…
The much-anticipated final release of Kali Linux for 2024.4 is here, packed with many updates, new hacking tools, and powerful features, from a new default…
The Cybersecurity and Infrastructure Security Agency (CISA) has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, one of which belongs to a Windows…
In a significant move that will reshape the cybersecurity landscape, Arctic Wolf and BlackBerry Limited (NYSE: BB; TSX:BB) announced today that they have entered into…
CoinLurker is a sophisticated data-stealing malware that has revolutionized fake update campaigns. Written in the Go programming language, CoinLurker incorporates advanced obfuscation and anti-analysis techniques,…
Hackers leveraged Microsoft Teams to manipulate a victim into granting remote access to their system. The attack, analyzed by Trend Micro, highlights the growing sophistication…
A new wave of cyberattacks has emerged, targeting YouTube creators through malicious collaboration requests that exploit the trust between creators and brands. Cybersecurity experts have…
