Hackers Abusing Skype and Teams to Deliver the DarkGate Malware
Hackers utilized the Teams and Skype messaging platforms to spread the DarkGate malware to the targeted businesses. When DarkGate malware is installed, a Visual Basic…
Category: CyberSecurityNews
OWASP ZAP 2.14.0 Released – What’s New!
OWASP ZAP is a free and open-source web application security scanner. It is designed to be utilized by expert penetration testers as well as individuals…
Telegram, AWS, & Alibaba Users Targeted in supply chain attack
A new supply-chain attack, which was active throughout September 2023, has been discovered in which threat actors used Typosquatting and Startjacking techniques to lure developers…
Microsoft’s AI Bug Bounty Program that Rewards Up to $15,000
Microsoft created a new AI Bug Bounty program, which rewards people who help improve the AI Power Bing experience. The rewards range from $2,000 to…
Critical Google Chrome User-After-Free Site Isolation Flaw
As part of a security update for Chrome, Google has upgraded the Stable channels to 118.0.5993.70 for Mac and Linux and 118.0.5993.70/.71 for Windows. The…
Large-scale Akira Ransomware Attacking Unsecured Computers
In order to disrupt human-operated ransomware attacks and prevent attackers from advancing their objectives through lateral movement, it is crucial to swiftly contain any compromised…
New WordPress Malware as Cache Plugin Creates Rogue Admin
A novel kind of malware that acts as a sophisticated backdoor that can carry out several operations while impersonating a legitimate plugin has been identified.…
Google initiates the End of Passwords, making passkeys
Google, a well-known tech giant, has introduced a new feature called “passwordless by default”. This feature aims to simplify the login process for users by…
Heap-based Buffer Overflow Flaw in cURL Using SOCKS5 Proxy
Previously, the maintainers of the popular curl command line tool posted a pre-announcement regarding two vulnerabilities that affected both the curl tool and the libcurl…
How LLMs-like Models like ChatGPT patch the Security Gaps
The emergence of Large Language Models (LLMs) is transforming NLP, enhancing performance across NLG, NLU, and information retrieval tasks. They are primarily excellent in text-related…
Nation-state Hackers Exploiting Confluence Zero-day Vulnerability
Microsoft has detected the nation-state threat actor Storm-0062, also known as DarkShadow or Oro0lxy, exploiting CVE-2023-22515 in the wild since September 14, 2023. The vulnerability…
SAP Patches for XSS, Log Injection & Other Vulnerabilities
SAP has released the security patches for the Patch Day of October 2023, in which they release new Security Notes and 2 updates to the…