Patch for Multiple Vulnerabilities Allows RCE
Google has announced the release of Chrome 126, a critical security update that addresses 10 vulnerabilities, including 8 high-severity flaws reported by external researchers. This…
Category: CyberSecurityNews
Oracle WebLogic Server Vulnerability Allows Complete Server Take Over
A critical vulnerability identified as CVE-2024-21181 has been discovered in the Oracle WebLogic Server, posing a significant risk to affected systems. This vulnerability, disclosed on…
Novel Chinese Browser Injector Lets Hackers Intercept Web Traffic
Hackers exploit browser injectors to manipulate web content, steal sensitive information, and hijack user sessions. By injecting malicious code into a user’s browser, they can…
Hackers Using BadPack APK Packer to Hide Malware File Structure
Hackers often exploit the APK packers to hide malicious codes within Android applications. This will make detecting and analyzing malware more difficult for security programs.…
12.9 Million Australian Users’ Sensitive Data Hacked
In one of the largest cyber breaches in Australian history, MediSecure, a former provider of digital prescriptions, has revealed that hackers earlier this year stole…
Cybercriminals Heavily Preparing For 2024 Paris Olympic Games Based Attacks
Major sporting events with massive online audiences, like the World Cup and Olympics, have become magnets for cyberattacks, which are growing rapidly as documented attacks…
New VPN Port Shadow Vulnerabilities Let Attacker Intercept Encrypted Traffic
Researchers examined how connection tracking, a fundamental function in operating systems, can be exploited to compromise VPN security and identified a new attack method named…
Leaked Cellebrite Docs Reveal List of Phones That Can Be Unlocked
Confidential documents from mobile forensics company Cellebrite, recently obtained and verified by 404 Media, provide a rare glimpse into the capabilities and limitations of phone…
INTERPOL Taken Down West African Organized Crime Groups
Operation Jackal III has successfully targeted West African organized crime groups, including the notorious Black Axe syndicate. From April 10 to July 3, the operation…
Weaponized AWS Packages That Deliver Malware Via JPEG Files
Attackers hide malicious payloads deep within seemingly legitimate Python packages, where two such packages were found. One, img-aws-s3-object-multipart-copy, is a copy of a real library…
SAPwned Vulnerability Attack Let Hackers Users Access Cloud Environments
Multiple vulnerabilities in SAP AI Core had been identified, giving malicious actors access to customer data and the ability to take control of the service.…
Cisco Smart Software Manager Flaw let Attackers Change Any User Passwords
Cisco has disclosed a critical vulnerability in its Smart Software Manager On-Prem (SSM On-Prem) that permits unauthenticated, remote attackers to change the passwords of any…