WordPress Plugin Flaw Exposes 200,000 WordPress Sites To Hacking
A critical vulnerability was discovered on October 30th, 2024 in the Anti-Spam by CleanTalk WordPress plugin, potentially affecting over 200,000 active installations. This flaw allows…
Category: CyberSecurityNews
CISA Details Red Team’s Activity Including TTPs & Network Defense
A comprehensive Red Team Assessment (RTA) was conducted recently by the Cybersecurity and Infrastructure Security Agency (CISA) on a critical infrastructure organization in the United…
7 New Flaws In Android & Google Pixel Devices Let Attackers Elevate Privileges
Seven critical vulnerabilities affecting Android and Google Pixel devices were recently uncovered during a recent analysis of mobile applications. These security flaws, discovered through the…
Starbucks Hit by Ransomware Attack Via Third-party Software Supplier
A ransomware attack on Blue Yonder, a critical supply chain management software provider, has forced Starbucks to revert to manual processes for managing employee schedules…
Critical QNAP Vulnerability Let Attackers Execute Remote Code
Multiple vulnerabilities have been identified in QNAP’s QuRouter, specifically affecting version 2.4.x. The vulnerabilities are tracked as CVE-2024-48860 and CVE-2024-48861, which pose a serious risk…
Hackers Abuse Avast Anti-Rootkit driver To Evade Detection
A malicious campaign has been discovered in which the malware employs a more nefarious tactic, dropping the legitimate Avast Anti-Rootkit driver (aswArPot.sys) to evade detection.…
What is Denial of Service(DoS) Attack?
The rapid growth of the internet and connected systems has revolutionized the way we communicate, work, and live. However, this increased connectivity has also exposed…
Explore MITRE ATT&CK Techniques With ANY.RUN TI Lookup Tool
In a major update aimed at revolutionizing the way cybersecurity professionals tackle threats, ANY.RUN has unveiled its redesigned Threat Intelligence (TI) Lookup platform. The latest…
New DocuSign Attacks Targeting Organizations Working With Government Agencies
A new wave of sophisticated phishing attacks exploiting DocuSign has emerged, specifically targeting businesses that regularly interact with state, municipal, and licensing authorities. Cybersecurity researchers…
Bing.com XSS Vulnerability Let Attackers Send Crafted Malicious Requests
A recent discovery of a cross-site scripting (XSS) vulnerability on Bing.com has raised significant security concerns, potentially allowing attackers to send crafted malicious requests across…
Detecting & Classifying DDoS Attacks Using Machine Learning, New Research
A new research has unveiled promising developments in the detection and classification of Distributed Denial of Service (DDoS) attacks through the application of advanced machine…
Meta Taken Down 2 Million Account Linked To Cyber Crime Activities
Meta has announced the removal of over 2 million accounts linked to cyber crime activities, particularly focusing on schemes like ‘pig butchering.’ This initiative is…