Microsoft Patches 6 Zero-Days That Threat Actors Actively Exploiting
Microsoft has released its August 2024 Patch Tuesday update to address 90 security vulnerabilities. The update includes fixes for six zero-day flaws actively exploited across…
Category: CyberSecurityNews
Uncle Scam – AI-Powered Phishing Attack Microsoft Dynamics 365
Security researchers at Perception Point have uncovered a sophisticated phishing campaign, dubbed “Uncle Scam.” In this AI-powered campaign, threat actors impersonate U.S. government agencies to…
0-Click Outlook Vulnerability Triggred RCE When Email is Opened
Morphisec researchers have recently uncovered a critical vulnerability in Microsoft Outlook, identified as CVE-2024-30103. It can execute malicious code as soon as an email is…
Zabbix Server Vulnerability Lets Attacker Execute Arbitrary Code
A critical security vulnerability, identified as CVE-2024-22116, has been patched in Zabbix, a popular monitoring solution. The vulnerability allowed an administrator with restricted permissions to…
Beware Of Malicious Typosquat Package That Steals Your Secret Keys
Hackers often target the Solana Python API ecosystem to exploit vulnerabilities in decentralized applications, access private keys, or manipulate transactions on the Solana blockchain. Recently…
Post-Exploitation Technique After Hacking Ivanti, Fortigate VPN Servers
Akamai researchers have delved into the often-overlooked threat of VPN post-exploitation, highlighting techniques that threat actors can use to escalate their intrusion after compromising a…
AMD Sinkclose Vulnerability Let Attackers Most Privileged Portions
A Sinkclose vulnerability, which has been detected in AMD processors for decades, lets hackers obtain access to some of the most privileged areas of a…
Hackers as Security Service Compromised 100 Govt Systems
Hackers masquerading as the Security Service of Ukraine have compromised over 100 government systems. The Computer Emergency Response Team of Ukraine (CERT-UA) at the State…
IBM Aspera Shares Vulnerability Let Attackers Login as Any User
IBM has disclosed a vulnerability in its Aspera Shares software, CVE-2023-38018. This flaw in user session handling could potentially allow attackers to impersonate any user…
ONNX Bot Tool Hijacks Microsoft 365 accounts & Even Bypass 2FA
Researchers have uncovered a sophisticated phishing marketplace, the ONNX Store, which provides cybercriminals with advanced tools to hijack Microsoft 365 accounts. Alarmingly, these tools include…
Sonos Smart Speaker Vulnerability Let Attackers Execute Remote Code
In the beginning of August 2024, Sonos released a security advisory in which they fixed two security vulnerabilities that were associated with Remote Code Execution.…
New Dark Skippy Attack Let Hackers Steal Secret Keys From Signing Device
The threat landscape is significantly evolving, and cybersecurity researchers are continuously developing new security mechanisms to mitigate such evolving and sophisticated threats. Cybersecurity researchers Lloyd…