Category: CyberSecurityNews

OpenWrt Supply Chain Attack Via SHA-256 Collision & Command Injection
09
Dec
2024

OpenWrt Supply Chain Attack Via SHA-256 Collision & Command Injection

A critical vulnerability in OpenWrt’s firmware upgrade system has been recently unveieled by the security researcher RyotaK from Flatt Security…

09
Dec
2024

Mauri Ransomware Exploiting Apache ActiveMQ Vulnerability

The Apache ActiveMQ Vulnerability, identified as CVE-2023-46604, was exploited by Mauri Ransomware threat actors to install CoinMiners. Threat actors were…

Cipla Allegedly Hacked
09
Dec
2024

Cipla Allegedly Hacked, Akira Ransomware Claims 70GB Data Stolen

Cipla, the Indian pharmaceutical giant, has reportedly fallen victim to a cyberattack orchestrated by the Akira ransomware group. The hackers…

Microsoft Challenged AI Hackers To Break LLM Email Service, Rewards Up To $10,000
09
Dec
2024

Microsoft Challenged AI Hackers To Break LLM Email Service, Rewards Up To $10,000

Microsoft has launched an innovative cybersecurity challenge that puts artificial intelligence (AI) to the test. As Microsoft is inviting hackers…

Synology Router Vulnerabilities Let Attackers Inject Arbitrary Web Script
09
Dec
2024

Synology Router Vulnerabilities Let Attackers Inject Arbitrary Web Script

Synology, a leading provider of network-attached storage and networking solutions, has recently patched multiple vulnerabilities in its Router Manager (SRM)…

Google’s New Open-Source Patch Validation Tools Vanir Unveiled
09
Dec
2024

Google’s New Open-Source Patch Validation Tools Vanir Unveiled

Google has officially launched Vanir, a groundbreaking open-source security patch validation tool designed to enhance the efficiency and accuracy of…

Researcher Demonstrated On How Attacker Can Gain Full Admin Access With XSS
09
Dec
2024

Researcher Demonstrated On How Attacker Can Gain Full Admin Access With XSS

A cybersecurity researcher has unveiled an unexpected discovery that demonstrates how a simple Cross-Site Scripting (XSS) vulnerability can be leveraged…

Qlik Sense Enterprise For Windows Vulnerability Let Attackers Execute Remote Code
09
Dec
2024

Qlik Sense Enterprise For Windows Vulnerability Let Attackers Execute Remote Code

A critical security vulnerability has been discovered in Qlik Sense Enterprise for Windows, potentially allowing attackers to execute remote code…

IBM QRadar SIEM Vulnerability
09
Dec
2024

IBM QRadar SIEM Vulnerability Let Hackers Inject Malicious JavaScript In Web UI

A critical XSS vulnerability identified in IBM’s QRadar SIEM (Security Information and Event Management) platform, tracked as CVE-2024-47107, allows authenticated…

Microsoft Releasing New Windows Recall Feature To Copilot+ PCs For Insiders
09
Dec
2024

Microsoft Releasing New Windows Recall Feature To Copilot+ PCs For Insiders

Microsoft has finally begun rolling out its highly anticipated Recall feature to Windows Insiders with Copilot+ PCs, marking a significant…

New Tool For Red Teamers To Execute System Command On Hosts Via Microsoft Teams
09
Dec
2024

New Tool For Red Teamers To Execute System Command On Hosts Via Microsoft Teams

A groundbreaking tool has emerged in the realm of red teaming, offering a sophisticated method to execute system commands on…

Starbucks Third-party Ransomware Attack, Termite Group Claims Credit
09
Dec
2024

Starbucks Third-party Ransomware Attack, Termite Group Claims Credit

A ransomware attack on supply chain technology provider Blue Yonder has caused significant disruptions for its clients, including Starbucks, BIC,…