Jenkins Plugin Flaw let Attackers Gain Admin Access
A recent security advisory from Jenkins reported that they had fixed 24 vulnerabilities affecting multiple Jenkins plugins. This Flaw includes 5 High, 18 Medium, and…
Category: GBHackers
Microsoft Renamed Azure Active Directory to Entra ID
Microsoft has recently made an announcement that their Microsoft Entra service has been extended to include the Security Service Edge. Moreover, the Azure AD has…
Security Engineer Arrested for Stealing $9M from Crypto Exchange
Shakeeb Ahmed, a former security engineer, has been arrested for defrauding a decentralized crypto exchange and stealing over $9 million. A digital currency exchange, also…
SonicWall Critical Flaws Let Attackers Bypass Authentication
SonicWall has recently published a security notice in which 15 vulnerabilities were fixed. CVEs for these vulnerabilities have been published, and patches for 4 Critical,…
Citrix Secure Access Client Flaw Let Attackers Execute Remote Code
Citrix has released security advisories for critical and high-severity vulnerabilities, which could allow threat actors to escalate their privileges if they have access to an…
Hackers Actively Exploit Unpatched Office Zero-Day Flaws in the Wild
Storm-0978, a threat actor, actively targeted European and North American defense and government entities in a phishing campaign. Exploiting CVE-2023-36884, the campaign used Word documents…
Threats from APT Groups to Security Researchers
As per the research conducted by SentinelOne, a new risk has been identified, which affects the information security researchers as well as the infosec community.…
7 Best IP Geolocation API For Cybersecurity
IP geolocation API services can do far more than serve website visitors in their local language and currency using IP lookup. They can also play…
OWASP ZAP 2.13.0 Released – What’s New!
The OWASP Zed Attack Proxy is a widely used tool for conducting web application penetration testing. It is free and open-source. ZAP functions as a…
Hackers Leverage USB Flash Drives to Steal Secrets
During the initial half of 2023, a notable surge occurred in attacks exploiting infected USB drives for secret theft. While the USB-based operation campaigns caused…
New Crypto Phishing Attack Steals Funds from Cold Wallets
Cryptocurrency’s rising fame and diverse storage methods expand the arsenal of tools used by threat actors chasing digital assets and funds. The threat actors adapt…
Apple Issues Emergency Patch for iOS & macOS Zero-day Flaw
New Rapid Security Response (RSR) patches from Apple have been released to address a new zero-day defect that has been used in attacks and affects…