Researchers Exploited Tesla & Sony in Pwn2Own Automotive
Pwn2Own 2024 Automotive is a unique event aimed at identifying and fixing flaws in connected automotive technologies. Tokyo, Japan, hosts the Pwn2Own 2024 Automotive from…
Category: CyberSecurityNews
Python based WIREFIRE web shell Attacking Ivanti VPN
Recently, QuoIntelligence’s research team unearthed a previously undetected variant of the notorious WIREFIRE web shell, a Python-based implant targeting compromised Ivanti Connect Secure (ICS) VPN…
Mass Exploitation of Ivanti VPN Exposes Networks to Hack Attacks
It was previously reported that Ivanti Connect Secure was vulnerable to an authentication bypass (CVE-2023-46805) and a command injection vulnerability (CVE-2024-21887) actively exploited by threat…
Exploit Released for critical GoAnywhere MFT auth bypass
Fortra-owned GoAnywhere MFT (Managed File Transfer) has been discovered with a new vulnerability that could allow an unauthorized threat actor to create an admin user…
LockBit Ransomware Gang Claims Cyber Attack on Subway
An infamous cybercriminal group known as LockBit Ransomware recently targeted Subway’s food chain, unleashing a vicious attack that could potentially lead to the exposure of…
Re-vamped Zloader Attacking Windows Users With RSA Encryption
Zloader, also known as Terdot, DELoader, or Silent Night, is a modular trojan that reappeared after nearly two years of absence but with significant enhancements to…
ThreeAM Ransomware Attacking Small & Medium Companies
For financial gain, hackers exploit ransomware through which they encrypt victims’ data and then demand a ransom payment in exchange for its release. It shows…
Apple Critical Zero-day Flaw Exposes iPhones & Macs
Apple has released its first zero-day vulnerability patch of 2024, which affected several Apple products, including tvOS, iOS, iPadOS, macOS, and Safari. The zero-day is…
Atlassian Confluence Servers Attacked From 600+ IPs
Atlassian disclosed a critical vulnerability last week related to Remote Code Execution (CVE-2023-22527). This particular vulnerability was reported to be affecting Confluence Data Center and…
What is Infrastructure as Code Security (IaC)?
Infrastructure as Code (IaC) is a popular DevOps practice that manages and provides IT infrastructure through code rather than manual processes. This shift streamlines operations…
Critical AI Security Flaws Attackers Bypass Detection & Execute RC
Artificial Intelligence (AI) has become one of the fastest-booming technologies of this decade, with several advancements in multiple industries. In several cases, threat actors have…
WhatsApp Privacy Flaw Devices Information to Any Other User
Hackers seek to exploit WhatsApp flaws to gain unauthorized access to user data, messages, and sensitive information. Exploiting these flaws allows threat actors to compromise…