Octopus Server Flaw Let Attackers Escalate Privilege
Octopus Server, a popular automation tool for deployment, operations runbooks, and development tasks, has identified a critical security flaw. The vulnerability tracked as CVE-2024-2975 could…
Category: CyberSecurityNews
Phishing-as-a-Service Platform Launched 20,000 Phishing Domains
The cybersecurity landscape faces a new threat with the emergence of ‘darcula,’ a Phishing-as-a-Service (PhaaS) platform. This sophisticated service enables cybercriminals to launch phishing campaigns…
xz-utils Backdoor Affected Kali Linux Installations: Check for Infection
A backdoor was recently discovered in the xz-utils package versions 5.6.0 to 5.6.1, shocking the Linux community. This poses a significant threat to the security…
OWASP Data Breach Due to Wiki Web Server Misconfiguration
The Open Web Application Security Project (OWASP) Foundation disclosed a significant data breach. The breach, which was discovered in late February 2024, was caused by…
Microsoft to Separate Office & Teams Globally
Microsoft Corporation (MSFT.O) has announced its decision to sell its chat and video app Teams separately from its Office suite globally. This move follows a…
Linux Kernel Flaw-Attackers Gain Full Root Access: PoC Published
Security researchers have uncovered a critical vulnerability in the Linux kernel’s io_uring subsystem, which could allow attackers to gain full root access to affected systems. The flaw,…
Vultur Android Malware mimic As McAfee Security App
Vultur, Android banking malware, has been observed incorporating new technical features, which allow the malware operator to remotely communicate with the victim’s mobile device. Additionally,…
Hackers Exploit Google Ads Tracking Feature To Deliver Malware
Google Ads is a big platform with a wide user base, which makes it attractive to threat actors who want to reach many targets at…
Gmail Turns 20! Evolves Constantly with Security Rules
As Gmail celebrates its 20th anniversary, it’s an opportune moment to reflect on its journey from a simple email service to a cornerstone of digital…
DNS Tunnel Keylogger – Post Exploitation Pentesting Tool
A new keylogging server and client tool have been released on GitHub for pentesters. The tool utilizes DNS tunneling to transmit keystrokes through firewalls, potentially…
Millions of Customers Data Exposed
AT&T has confirmed that personal data from approximately 73 million current and former customers has been leaked on the dark web. This confirmation comes after…
Hackers Attack macOS Using Infostealer To Steal Sensitive Data
Over the past year, macOS users, particularly those in the cryptocurrency sector, have been increasingly targeted by infostealers. These malicious programs aim to harvest credentials…