Hackers Attack Python Developers by Poising With Typosquat on PyPI
An automated risk detection system identified a typosquatting campaign targeting popular Python libraries on PyPI. In two waves with a 20-hour break, the attack deployed…
Category: CyberSecurityNews
GitLab Security Flaw Let Attackers Inject Malicious Scripts
GitLab has announced the release of updated versions for both its Community Edition (CE) and Enterprise Edition (EE), addressing critical vulnerabilities that could potentially allow…
Lessons Learned from the CISA – Ivanti Cyberattack
In today’s digital era, the frequency and sophistication of cyberattacks are on the rise, posing a serious threat to businesses and organizations worldwide. Among these…
Cisco Warns of Password Spraying Attacks Exploiting VPN Services
Password spraying is a technique hackers often take advantage of because it enables them to gain unauthorized access to many accounts or systems. They can…
Multiple Splunk Vulnerabilities Attackers Bypass SPL Safeguards
Splunk Inc. has disclosed two significant vulnerabilities within its software suite, posing a considerable risk to organizations utilizing Splunk Enterprise and Splunk Cloud Platform. The…
GoPlus’s Latest Report Highlights How Blockchain Communities Are Leveraging Critical API Security Data To Mitigate Web3 Threats
GoPlus Labs, the leading Web3 security infrastructure provider, has unveiled a groundbreaking report that highlights the growing, widespread use and potential of Web3 user security…
C2A Security’s EVSec Risk Management and Automation Platform Gains Automotive Industry Favor as Companies Pursue Regulatory Compliance
In 2023, C2A Security added multiple OEMs and Tier 1s to its portfolio of customers, successful evaluations, and partnerships such as BMW Group, Daimler Truck…
Hacker Using Weaponized Virtual Hard Disk Deliver Remcos RAT
Hackers have been found leveraging weaponized virtual hard disk (VHD) files to deploy the notorious Remote Control Software (RAT), Remcos. This method marks a significant…
Apple ID “push bombing” Attack Apple Users to Steal passwords
Apple users are falling prey to a sophisticated phishing campaign designed to hijack their Apple IDs through what’s known as a “push bombing” or “MFA…
iPhone Users Beware! Darcula Phishing Service Via iMessage
A new threat has emerged, targeting unsuspecting iPhone users through the seemingly secure iMefofferssage platform. A sophisticated Phishing-as-a-Service (PhaaS) platform known as ‘Dracula’. This platform…
NVIDIA ChatRTX For Windows App Vulnerability
A security update released by ChatRTX on March 26th, 2024, addresses two vulnerabilities (CVE-2024-0082 and CVE-2024-0083) that could allow attackers to execute malicious code and…
2 Chrome Zero-Days Exploited At Pwn2Own 2024 : Patch Now
Google patched seven vulnerabilities in the Chrome browser on Tuesday, including two zero-day exploits that were exploited at the Pwn2Own Vancouver 2024 hacking contest. Researchers…