Category: CyberSecurityNews

GitLab Patch XSS Vulnerability That Lets Attackers to Execute Arbitrary Code
25
Jul
2024

GitLab Patch XSS Vulnerability – Attackers Execute Arbitrary Code

GitLab has released new Community Edition (CE) and Enterprise Edition (EE) versions to address multiple vulnerabilities. Among these, a high-severity…

BIND DNS Server Vulnerability
25
Jul
2024

BIND DNS Server Vulnerability Lets Attackers Flood Server

The Internet Systems Consortium (ISC) has released critical security advisories addressing multiple vulnerabilities in the Berkeley Internet Name Domain (BIND)…

ERP Provider Exposes 769 Million Records, Including API Keys And Email Addresses
24
Jul
2024

ERP Provider Exposes 769 Million Records, Including API Keys And Email Addresses

A massive data breach involving ClickBalance, one of Mexico’s largest Enterprise Resource Planning (ERP) technology providers, has been uncovered by…

LiteSpeed Cache Plugin Flaw Let Attackers Inject Malicious Code, 5M+ Sites Impacted
24
Jul
2024

LiteSpeed Cache Plugin Flaw Let Attackers Inject Malicious Code

The popular LiteSpeed Cache plugin for WordPress has been found vulnerable to a Cross-Site Request Forgery (CSRF) attack, which could…

Windows File Immutability Vulnerability
24
Jul
2024

Windows False File Immutability Vulnerability Let Attackers Execute Arbitrary Code

A new unnamed vulnerability class has been detected in the Windows 11 Kernel that could allow a threat actor to…

Chrome 127 Vulnerabilities Patched
24
Jul
2024

Google Chrome 127 Released With Fix for Vulnerabilities

Google has announced the release of Chrome 127, which is now available on the Stable channel for Windows, Mac, and…

Crowdstrike Details Friday incident
24
Jul
2024

CrowdStrike Details Incident Affected Millions of Windows Systems Worldwide

In a recent preliminary Post-Incident Review (PIR), cybersecurity firm CrowdStrike provided a detailed account of the events that led to…

KnowBe4 Hired Fake North Korean IT Worker, Catches While Installing Malware
24
Jul
2024

KnowBe4 Hired North Korean IT Worker, Catches While Installing Malware

Security awareness and training provider KnowBe4 recently disclosed that it inadvertently hired a fake North Korean IT worker who attempted…

Telegram Zero-Day Vulnerability Exploited Using Malicious Video Files
23
Jul
2024

Telegram Zero-Day Vulnerability Exploited Using Malicious Video Files

ESET researchers recently discovered a critical zero-day vulnerability in the Telegram messaging app for Android, potentially exposing millions of users…

Play Ransomware Variant Attacking Linux ESXi Servers
23
Jul
2024

Play Ransomware Variant Attacking Linux ESXi Servers

Since ESXi servers host multiple virtual machines, which attract the threat actors most, a successful breach of these servers could…

Top Phishing Campaigns in July 2024: SharePoint Abuse, DeerStealer, and More
23
Jul
2024

Top Phishing Campaigns in July 2024

July saw a new influx of phishing and malware campaigns. The analyst team at ANY.RUN sandbox is closely monitoring all…

Beware Of Braodo Stealer That Steals Users' Login Credentials
23
Jul
2024

Beware Of Braodo Stealer That Steals Users’ Login Credentials

Stealers are one of the most used malicious tools that is used by threat actors. As such tools enable hackers…