Web Apps and Admin Center Goes Offline
Microsoft is investigating a widespread outage that disrupted access to Microsoft 365 web applications and the Microsoft 365 admin center earlier today. The issue affected…
Category: CyberSecurityNews
Chinese Hackers Using Visual Studio Code Tunnels & RDP To Gain Remote Access
In a sophisticated cyber-espionage campaign dubbed ‘Operation Digital Eye,’ suspected Chinese state-backed hackers targeted major business-to-business IT service providers across Southern Europe between late June…
SAP NetWeaver Vulnerabilities Let Attackers Upload Malicious PDF Files
SAP has issued a crucial security update addressing multiple high-severity vulnerabilities in its NetWeaver Application Server for Java, specifically within the Adobe Document Services component.…
RedLine Malware Weaponizing Pirated Corporate Softwares To Steal Logins
An ongoing RedLine info-stealer effort targets Russian-speaking entrepreneurs using unlicensed corporate software copies to automate business operations. Attackers were distributing a malicious version of the…
WhatsApp View Once Vulnerability Let Attackers Bypass The Privacy Feature
Meta’s WhatsApp recently faced scrutiny after a significant vulnerability in its “View Once” feature was discovered, allowing attackers to bypass its privacy protections. This feature,…
Dell Power Manager Vulnerability Let Attackers Execute Malicious Code
A critical security vulnerability has been discovered in Dell Power Manager (DPM), a widely used application for managing power settings on Dell systems. The flaw,…
Radiant Hacked – $50 Million USD Worth Crypto Stolen by North Korean Hackers
Radiant Capital, a prominent decentralized finance (DeFi) protocol, has fallen victim to a major security breach, resulting in the loss of approximately $50 million USD.…
New Meeten Malware Attacking macOS And Windows Users To Steal Logins
A new scam effort has been observed targeting Web3 leveraging fake video conferencing applications to deliver an information stealer dubbed Realst. Realst crypto stealer has…
Over 270 Critical Vulnerabilities Listed
The Cybersecurity and Infrastructure Security Agency (CISA) has published its latest vulnerability bulletin, detailing over 270 security vulnerabilities identified in the past week across a…
Python Vulnerability in MacOS or Linux Leads to Exploiting The Memory
A high-severity vulnerability (CVE-2024-12254) impacting CPython has been publicly disclosed, affecting Python versions 3.12.0 and later. The flaw, identified in the asyncio module, specifically lies…
Uncovering Attacker’s Infrastructre & Tactics Via Passive DNS
In the ever-evolving landscape of cybersecurity, understanding how attackers establish and maintain their attack infrastructure is crucial for building robust defenses. A recent study by…
Let’s Encrypt to End Support for Online Certificate Status Protocol (OCSP)
Let’s Encrypt, a leading provider of free SSL/TLS certificates, has officially announced its timeline for discontinuing support for the Online Certificate Status Protocol (OCSP) in…