Ransomware Activity Spikes Amid Qilin’s New Wave of Targeted Attacks
The Qilin group emerged as the leading player in the ransomware ecosystem, which saw a notable rise in activity during...
Read more →Category: GBHackers
New “Opossum” Attack Breaches Secure TLS by Injecting Malicious Messages
A newly discovered man-in-the-middle exploit dubbed “Opossum” has demonstrated the unsettling ability to compromise secure communications over Transport Layer Security...
Read more →
Massive Scraper Botnet of 3,600+ Devices Targets US and UK Websites
GreyNoise has discovered an undiscovered version of a scraper botnet with more than 3,600 distinct IP addresses worldwide, which is...
Read more →
New Tool Automates GitHub Device Code Phishing Attacks
Security researchers revealed the dangers of GitHub Device Code Phishing—a technique that leverages the OAuth 2.0 Device Authorization Grant flow....
Read more →
McDonald’s AI Hiring Bot Exposed with ‘123456’ Password — Millions of Job Seekers’ Data at Risk
A shocking security vulnerability in McDonald’s AI-powered hiring system has exposed the personal information of millions of job applicants, after...
Read more →
Critical mcp remote Vulnerability Enables LLM Clients to Remote Code Execution
The JFrog Security Research team has discovered a critical security vulnerability in mcp-remote, a widely used tool that enables Large...
Read more →
Microsoft 365 PDF Export Feature Vulnerable to LFI – Sensitive Data at Risk
A critical security vulnerability in Microsoft 365’s PDF export functionality has been discovered and subsequently patched, highlighting significant risks to...
Read more →
FUNNULL Uses Amazon and Microsoft Cloud to Hide Malicious Infrastructure
A sophisticated threat network called “Triad Nexus,” which operates through the FUNNULL content delivery network (CDN) to hide malicious infrastructure...
Read more →
Microsoft Fixes Wormable Remote Code Execution Flaw in Windows and Server
Microsoft has released critical security updates addressing a severe remote code execution vulnerability that could allow attackers to execute malicious...
Read more →
Reflectiz Joins the Datadog Marketplace
Reflectiz, a leading cybersecurity company specializing in web exposure management, today announced a new integration with Datadog, Inc. (NASDAQ: DDOG),...
Read more →
Supply Chain Attack Unleashed via Compromised VS Code Extension
A sophisticated supply chain attack targeting cryptocurrency developers through the compromise of ETHcode, a legitimate Visual Studio Code extension with...
Read more →
SparkKitty Malware Steals Photos from iOS and Android Devices
A sophisticated Trojan malware campaign has been targeting mobile device users across iOS and Android platforms since February 2024, with...
Read more →