Ivanti CSA Vulnerabilities Let Attackers Gain Admin Access
Ivanti has issued critical software updates to address several severe vulnerabilities in its Cloud Services Application (CSA). These vulnerabilities tracked...
Read more →Category: GBHackers
Chrome Security Update, Patch For Multiple Vulnerabilities
72 Hours to Audit-Ready API Security APIs present a unique challenge in this landscape, as risk assessment and mitigation are...
Read more →
WPForms Vulnerability Let Users Issues Subscription Payments
A critical security vulnerability, tracked as CVE-2024-11205, was recently discovered in the popular WordPress plugin, WPForms, which boasts over 6 million...
Read more →
Microsoft Patch Tuesday, December 2024, Patch for 16 Critical Security Flaws
In its final Patch Tuesday of 2024, Microsoft has released a significant security update addressing a total of 71 vulnerabilities,...
Read more →
Visual Studio Tunnels Abused For Stealthy Remote Access
In an attack campaign dubbed “Operation Digital Eye,” a suspected China-nexus threat actor has been observed targeting business-to-business IT service...
Read more →
RedLine Malware Weaponizing Pirated Corporate Softwares To Steal Logins
Attackers are distributing a malicious .NET-based HPDxLIB activator disguised as a new version, which is signed with a self-signed certificate,...
Read more →
Black Basta Ransomware Leverages Microsoft Teams To Deliver Malicious Payloads
In a resurgence since May 2024, the Black Basta ransomware campaign has exhibited a troubling escalation in its attack methods,...
Read more →
Critical SAP Vulnerabilities Let Attackers Upload Malicious PDF Files
SAP has issued Security Note 3536965 to address multiple high-severity vulnerabilities in the Adobe Document Services of SAP NetWeaver AS for JAVA. These vulnerabilities, identified...
Read more →
Hackers Target Android Users via WhatsApp to Steal Sensitive Data
Researchers analyzed a malicious Android sample created using Spynote RAT, targeting high-value assets in Southern Asia, which, likely deployed by...
Read more →
Dell Warns of Critical Code Execution Vulnerability in Power Manager
Dell Technologies has issued a security advisory, DSA-2024-439, to alert users of a critical vulnerability in its Dell Power Manager...
Read more →
Mauri Ransomware Exploiting Apache ActiveMQ Vulnerability To Deploy CoinMiners
The Apache ActiveMQ server is vulnerable to remote code execution (CVE-2023-46604), where attackers can exploit this vulnerability by manipulating serialized...
Read more →
Researchers Uncovered Hackers Infrastructre Using Passive DNS Technique
Cybersecurity researchers have unveiled an advanced technique to uncover hackers’ operational infrastructure using passive DNS data. This groundbreaking method sheds...
Read more →