Adobe ColdFusion Vulnerability Let Attackers Read arbitrary files
Adobe has issued updates to address a vulnerability in its ColdFusion software that could allow attackers to read arbitrary files from affected systems. The flaw,…
Category: CyberSecurityNews
Brazilian Hacker Charged for Selling Data Stolen From Hacked Computers
Junior Barros De Oliveira, a 29-year-old resident of Curitiba, Brazil, has been indicted in the United States for orchestrating an extortion scheme involving data stolen…
Node.js “systeminformation” Vulnerability Exposes Millions of Systems to RCE Attacks
A critical security vulnerability has been discovered in the widely-used Node.js package “systeminformation,” potentially exposing millions of systems to remote code execution (RCE) attacks. The…
Hackers Deploy AsyncRAT and SectopRAT Malware Using ScreenConnect on Windows
Cybercriminal groups are increasingly blending new and traditional techniques to steal sensitive information from unsuspecting users by deploying remote access tools (RATs) such as AsyncRAT…
Webmin RCE Vulnerability Let Attackers Execute Arbitrary Code & Gain Server Control
Webmin, the popular web-based system administration tool, has been found to contain a critical security vulnerability that could allow attackers to seize control of servers.…
G-Door Vulnerability Lets Hackers Bypass Microsoft 365 Security With Google Docs
A newly discovered vulnerability, dubbed “G-Door,” allows malicious actors to circumvent Microsoft 365 security measures by exploiting unmanaged Google Docs accounts. This security flaw poses…
Threat Actors Exploiting Microsoft Office Vulnerability to Execute Malicious Code
A sophisticated cyber-espionage group known as Cloud Atlas has been observed leveraging a critical Microsoft Office vulnerability to launch targeted attacks against organizations in Eastern…
Italy Imposed EUR 15 million Fine to Open AI For Violating GDPR
The Italian Data Protection Authority (known as “Il Garante”) has imposed a €15 million fine on OpenAI for violations of the General Data Protection Regulation…
Researchers Bypass WPA3 to Acquire Network Password
Researchers have successfully bypassed the Wi-Fi Protected Access 3 (WPA3) protocol to obtain network passwords using a combination of Man-in-the-Middle attacks and social engineering techniques.…
IBM Cognos Analytics Vulnerability Allows Malicious File Upload & Injection Attacks
IBM has released a critical security update for its Cognos Analytics software, addressing two severe vulnerabilities: CVE-2023-42017 and CVE-2024-51466. These vulnerabilities could allow attackers to upload malicious files…
PHP-based Craft CMS Vulnerability Let Attackers Execute Remote Code
A critical vulnerability in the popular PHP-based Craft CMS has been discovered, allowing unauthenticated attackers to execute remote code on affected systems. The security flaw,…
U.S Intelligence Agencies Launched Cyber Attacks on Chinese Tech Companies
The Chinese National Internet Emergency Center has discovered and resolved two significant cases of cyber espionage targeting Chinese technology companies and research institutions. The attacks,…