Hackers Exploiting Java Debug Wire Protocol Servers in Wild to Deploy Cryptomining Payload
A new wave of cyberattacks is targeting organizations that inadvertently expose Java Debug Wire Protocol (JDWP) servers to the internet,...
Read more →Category: CyberSecurityNews
Next.js Cache Poisoning Vulnerability Let Attackers Trigger DoS Condition
Key Takeaways1. Next.js versions 15.1.0-15.1.8 have a cache poisoning bug causing DoS attacks through blank page delivery.2. Needs affected Next.js...
Read more →
Microsoft Investigating Forms Service Issue Not Accessible for Users
Microsoft is currently investigating a significant service disruption affecting Microsoft Forms, leaving numerous users unable to access the popular online...
Read more →
Massive Android Ad Fraud ‘IconAds’ Leverages Google Play to Attack Phone Users
A sophisticated mobile ad fraud operation dubbed “IconAds” has infiltrated Android devices worldwide through 352 malicious applications distributed via Google...
Read more →
Multiple PHP Vulnerabilities Allow SQL Injection & DoS Attacks
Critical security vulnerabilities have been discovered in PHP that could allow attackers to execute SQL injection attacks and cause denial...
Read more →
Critical HIKVISION ApplyCT Vulnerability Exposes Devices to Code Execution Attacks
A critical security vulnerability has been discovered in HIKVISION’s applyCT component, part of the HikCentral Integrated Security Management Platform, that...
Read more →
New Sophisticated Attack Bypasses Content Security Policy Using HTML-Injection Technique
A sophisticated technique to bypass Content Security Policy (CSP) protections using a combination of HTML injection and browser cache manipulation. ...
Read more →
New “123 | Stealer” Advertised on Underground Hacking Forums for $120 Per Month
A new credential-stealing malware dubbed “123 | Stealer” has surfaced on underground cybercrime forums, being marketed by threat actor “koneko”...
Read more →
Hackers use Fake Cloudflare Verification Screen to Trick Users into Executing Malware
A sophisticated social engineering campaign has emerged targeting unsuspecting users through fraudulent Cloudflare verification screens, representing a new evolution in...
Read more →
Massive Spike in Password Attacks Targeting Cisco ASA VPN Followed by Microsoft 365
A dramatic surge in password spray attacks targeting enterprise infrastructure, with Cisco ASA VPN systems experiencing an unprecedented 399% increase...
Read more →
New Hpingbot Abusing Pastebin for Payload Delivery and Hping3 Tool to Launch DDoS Attacks
A sophisticated new botnet family has emerged in the cybersecurity landscape, demonstrating unprecedented innovation in malware design and attack methodologies....
Read more →
Azure API Vulnerabilities Leak VPN Keys and Built-In Roles Allow Over-Privileged Access
Microsoft Azure’s role-based access control system has been found to contain critical security vulnerabilities that could expose enterprise networks to...
Read more →