Livewire Flaw Puts Millions of Laravel Apps at Risk of RCE Attacks
A critical vulnerability discovered in Livewire, a popular full-stack framework for Laravel applications, exposes millions of web properties to unauthenticated...
Read more →Category: GBHackers
Microsoft AppLocker Flaw Lets Malicious Apps Bypass Security Restrictions
Security researchers at Varonis Threat Labs have identified a subtle but significant vulnerability in Microsoft’s AppLocker security feature that could...
Read more →
7-Zip Vulnerability Lets Malicious RAR5 Files Crash Systems
A critical denial-of-service vulnerability has been discovered in 7-Zip that allows attackers to crash systems using specially crafted RAR5 archive...
Read more →
CISA Issues Alert on Microsoft SharePoint 0-Day RCE Exploited in Attacks
The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent security alert regarding a critical zero-day vulnerability in Microsoft...
Read more →
CrushFTP 0-Day Vulnerability Actively Exploited to Breach Servers
A critical zero-day vulnerability in CrushFTP servers is being actively exploited by threat actors to compromise systems worldwide. The vulnerability,...
Read more →
PoisonSeed Attack Tricks Users into Scanning Malicious MFA QR Codes
A sophisticated new cyber attack technique has emerged that exploits the cross-device sign-in features of FIDO keys, effectively bypassing one...
Read more →
SharePoint 0-Day RCE Flaw Actively Exploited for Full Server Takeover
A devastating new SharePoint vulnerability is being actively exploited in large-scale attacks worldwide, enabling attackers to gain complete control of...
Read more →
New Surge of Crypto-Jacking Hits Over 3,500 Websites
Cybersecurity experts at cside have discovered a clever campaign that infected over 3,500 websites with nefarious JavaScript miners, marking a...
Read more →
Chinese Threat Actors Operate 2,800 Malicious Domains to Distribute Windows Malware
A sophisticated threat actor, dubbed “SilverFox,” has been orchestrating a large-scale malware distribution campaign since at least June 2023, primarily...
Read more →
New Veeam-Themed Phishing Attack Uses Weaponized WAV File to Target Users
Cybercriminals are now leveraging seemingly innocuous voicemail notifications to distribute malware, with a recent campaign impersonating Veeam Software to exploit...
Read more →
Lumma Infostealer Steals Browser Data and Sells It as Logs on Underground Markets
Infostealers are specialized malware variants that routinely steal large amounts of sensitive data from compromised systems. This includes session tokens,...
Read more →
Fancy Bear Hackers Target Governments and Military Entities with Advanced Tools
Fancy Bear, designated as APT28 by cybersecurity experts, represents a sophisticated Russian cyberespionage collective operational since 2007, renowned for infiltrating...
Read more →