16 Chrome Extensions Hacked, Exposing Over 600,000 Users to Data Theft

29/12/2024 0 Comments 0 tags

A new attack campaign has targeted known Chrome browser extensions, leading to at least 16 extensions being compromised and exposing over 600,000 users to data exposure and credential theft. The

15,000+ Four-Faith Routers Exposed to New Exploit Due to Default Credentials

28/12/2024 0 Comments 0 tags

A high-severity flaw impacting select Four-Faith routers has come under active exploitation in the wild, according to new findings from VulnCheck. The vulnerability, tracked as CVE-2024-12856 (CVSS score: 7.2), has

North Korean Hackers Deploy OtterCookie Malware in Contagious Interview Campaign

28/12/2024 0 Comments 0 tags

North Korean threat actors behind the ongoing Contagious Interview campaign have been observed dropping a new JavaScript malware called OtterCookie. Contagious Interview (aka DeceptiveDevelopment) refers to a persistent attack campaign

Apache MINA CVE-2024-52046: CVSS 10.0 Flaw Enables RCE via Unsafe Serialization

27/12/2024 0 Comments 0 tags

The Apache Software Foundation (ASF) has released patches to address a maximum severity vulnerability in the MINA Java network application framework that could result in remote code execution under specific

FICORA and Kaiten Botnets Exploit Old D-Link Vulnerabilities for Global Attacks

27/12/2024 0 Comments 0 tags

Cybersecurity researchers are warning about a spike in malicious activity that involves roping vulnerable D-Link routers into two different botnets, a Mirai variant dubbed FICORA and a Kaiten (aka Tsunami)

Palo Alto Releases Patch for PAN-OS DoS Flaw — Update Immediately

27/12/2024 0 Comments 0 tags

Palo Alto Networks has disclosed a high-severity vulnerability impacting PAN-OS software that could cause a denial-of-service (DoS) condition on susceptible devices. The flaw, tracked as CVE-2024-3393 (CVSS score: 8.7), impacts

Cloud Atlas Deploys VBCloud Malware: Over 80% of Targets Found in Russia

27/12/2024 0 Comments 0 tags

The threat actor known as Cloud Atlas has been observed using a previously undocumented malware called VBCloud as part of its cyber attack campaigns targeting “several dozen users” in 2024.

Brazilian Hacker Charged for Extorting $3.2M in Bitcoin After Breaching 300,000 Accounts

26/12/2024 0 Comments 0 tags

A Brazilian citizen has been charged in the United States for allegedly threatening to release data stolen by hacking into a company’s network in March 2020. Junior Barros De Oliveira,

Iran’s Charming Kitten Deploys BellaCPP: A New C++ Variant of BellaCiao Malware

25/12/2024 0 Comments 0 tags

The Iranian nation-state hacking group known as Charming Kitten has been observed deploying a C++ variant of a known malware called BellaCiao. Russian cybersecurity company Kaspersky, which dubbed the new

Critical SQL Injection Vulnerability in Apache Traffic Control Rated 9.9 CVSS — Patch Now

25/12/2024 0 Comments 0 tags

The Apache Software Foundation (ASF) has shipped security updates to address a critical security flaw in Traffic Control that, if successfully exploited, could allow an attacker to execute arbitrary Structured