Massive Exploit Against WooCommerce Payments Underway Bug
Hackers actively target vulnerable WordPress websites in an effort to take advantage of a widespread WooCommerce Payments plugin vulnerability and gain admin rights. The WooCommerce…
Category: CyberSecurityNews
ChatGPT Based Automated Penetration Testing Tool
Cyber Security News has found a new ” PentestGPT ” tool that helps penetration testers automate their pentesting processes, and ChatGPT powers it. A Ph.D.…
Microsoft Struggling to Find How Hackers Steal the Azure AD Signing Key
China’s Storm-0558 hacked 25 organizations, including government agencies, using fake tokens for email access, aiming at espionage since May 15, 2023. However, Storm-0558’s campaign was…
Hackers Use WebAPK to Install Malware as Native Application
The latest research reveals a new sophisticated attack carried through Webapk technology targeting Android devices. The threat actors manipulate the user to install malicious web…
Hackers Actively Exploiting Zero-day Vulnerability in Zimbra Server
Zimbra is a widely used email client used by many organizations worldwide. The Zimbra Collaboration Suite provides a much more comprehensive package of document storage,…
hackers use WormGPT to Launch Sophisticated Cyber Attacks
Generative AI technology is rapidly growing and advancing, driven by continuous research and development efforts. But, besides the growing advancements and positive things, these generative…
Cisco SD-WAN vManage Flaw: Let Attackers Escalate Privileges
A critical severity vulnerability has been detected in the request authentication validation for the REST API of the Cisco SD-WAN vManage software. Cisco released a…
Top Information Security Threats for Businesses 2023
Businesses face a myriad of information security risks that can be detrimental to their operations. Information security threats evolve rapidly, and new threats may appear…
Hackers Use New .NET Loader Malware to Deliver Payloads
An unrecorded .NET Loader was identified during routine threat hunting that downloads, decrypts, and executes a wide range of malicious payloads. Multiple threat actors extensively…
APT Groups Actively Targeting Outlook and Exchange Email
A china based APT actor accessed Microsoft 365 cloud environment and exfiltrated unclassified Exchange Online Outlook data from a small number of accounts. In June 2023,…
5 Phases of Russian Cyber Playbook in Attacks Against Ukraine
Russia’s invasion of Ukraine on February 24, 2022, followed escalating cyber operations, categorized into six phases, by Russian troops amassed at the border. Beyond the…
QuickBlox Security Flaws Exposes Millions of Users Sensitive Data
Recent reports from Team82 and Check Point Research (CPR) team state that there has been a major vulnerability in QuickBlox SDK (Software Development Kit) and…