Unified Communications Flaw Let Attackers Execute Arbitrary Code
Cisco Unified Communications and Contact Center Solutions, known for their robustness, have recently been under scrutiny due to a critical vulnerability. This flaw exposes an…
Category: CyberSecurityNews
3000+ Posts on Dark Web to Use ChatGPT for Illegal Purposes
For the multitude of malicious activities, threat actors could exploit ChatGPT due to its conversational abilities, such as generating convincing phishing messages, crafting sophisticated social…
Chrome Flaw Let Attacker Corrupt Memory via Crafted HTML Page
Google has updated the Stable channels to 121.0.6167.85 for Mac and Linux and 121.0.6167.85/.86 for Windows as part of a security update for Chrome. There…
Researchers Awarded Over $1 Million in Pwn2Own Hacking Competition
At Pwn2Own Automotive 2024 Day 2, researchers were rewarded over $1 million for exploiting Tesla infotainment systems, Sony, Alphine players, Autel charging systems, and much more. On the…
5379 GitLab Servers are Vulnerable to Zero-Click Takeover Attacks
GitLab has released important security fixes for versions 16.7.2, 16.6.4, and 16.5.6 for GitLab Community Edition (CE) and Enterprise Edition (EE). The fixes include multiple…
HP Hacked by Russian ‘Cozy Bear’ hacker Group
On December 12, 2023, Hewlett Packard Enterprise (HPE) received chilling news: the notorious nation-state actor Midnight Blizzard, also known as Cozy Bear, had breached its…
Researchers Exploited Tesla & Sony in Pwn2Own Automotive
Pwn2Own 2024 Automotive is a unique event aimed at identifying and fixing flaws in connected automotive technologies. Tokyo, Japan, hosts the Pwn2Own 2024 Automotive from…
Python based WIREFIRE web shell Attacking Ivanti VPN
Recently, QuoIntelligence’s research team unearthed a previously undetected variant of the notorious WIREFIRE web shell, a Python-based implant targeting compromised Ivanti Connect Secure (ICS) VPN…
Mass Exploitation of Ivanti VPN Exposes Networks to Hack Attacks
It was previously reported that Ivanti Connect Secure was vulnerable to an authentication bypass (CVE-2023-46805) and a command injection vulnerability (CVE-2024-21887) actively exploited by threat…
Exploit Released for critical GoAnywhere MFT auth bypass
Fortra-owned GoAnywhere MFT (Managed File Transfer) has been discovered with a new vulnerability that could allow an unauthorized threat actor to create an admin user…
LockBit Ransomware Gang Claims Cyber Attack on Subway
An infamous cybercriminal group known as LockBit Ransomware recently targeted Subway’s food chain, unleashing a vicious attack that could potentially lead to the exposure of…
Re-vamped Zloader Attacking Windows Users With RSA Encryption
Zloader, also known as Terdot, DELoader, or Silent Night, is a modular trojan that reappeared after nearly two years of absence but with significant enhancements to…