JsOutProx Malware Abusing GitLab To Attack Financial Institutions
GitLab is a prominent web-based Git repository manager that is exploited by hackers to gain unauthorized access to confidential source code, steal intellectual property or…
Category: CyberSecurityNews
Cyber Security News Weekly Round-Up (Vulnerabilities, Cyber Attacks, Threats & New Stories)
Welcome to the Cyber Security News Weekly Round-Up. Each week, we will explore the latest cyber threats, vulnerabilities, and notable stories that have shaped the…
Hackers Hijacked Notepad++ Plugin To Inject Malicious Code
Hackers have manipulated a popular Notepad++ plugin, injecting malicious code that compromises users’ systems upon execution. The AhnLab Security Intelligence Center (ASEC) researchers have revealed…
Hackers Use Weaponized PDF Files to Deliver Byakugan Malware
Due to their high level of trust and popularity, hackers frequently use weaponized PDF files as attack vectors. Even PDFs can contain harmful codes or…
Magento Vulnerability Let Attackers Inject Backdoor
A sophisticated vulnerability within the Magento ecommerce platform has been unveiled, posing a significant threat to online merchants and shoppers alike. The vulnerability, identified as…
Chinese Hacking Groups Exploiting Ivanti Connect Secure VPN
Cybersecurity firm Mandiant has uncovered a series of sophisticated cyberattacks targeting Ivanti Connect Secure VPN appliances. These attacks, attributed to multiple Chinese nexus espionage groups,…
Cyber Attack Hits World’s Second Largest Lens-maker
HOYA CORPORATION, the world’s second-largest lens manufacturer, has reported an IT system incident that has disrupted its operations. The Tokyo-based company, known for its advanced…
Google Pixel Phone Zero-days Exploited by Forensic Firms in the Wild : Patch Now
The Pixel Update Bulletin details security vulnerabilities and functional improvements for supported devices. Updating to the April 2024 security patch level (2024-04-05 or later) addresses…
New Fake E-Shopping Attack Hijacking Users Banking Credentials
A fake e-shop scam campaign has been targeting Southeast Asia since 2021, as CRIL observed a surge in activity in September 2022, with the campaign…
VMware SD-WAN Vulnerabilities – Execute Arbitrary Commands
Multiple security flaws affecting VMware SD-WAN have been addressed, allowing arbitrary commands to be executed on the intended system. If these vulnerabilities are successfully exploited,…
Single Machine Bring Server Down
Security researcher Bartek Nowotarski disclosed a new class of vulnerabilities within the HTTP/2 protocol, known as the HTTP/2 CONTINUATION Flood. This attack vector is proving…
Chrome Zero-Day Vulnerability Exploited At Pwn2Own : Patch Now
Google fixed three vulnerabilities in the Chrome browser on Tuesday, along with another zero-day exploit that was exploited during the Pwn2Own Vancouver 2024 hacking contest. Google recently…