In a recent development, Ivanti has warned of new zero-day vulnerabilities in its Connect Secure VPN appliance, first exploited by Chinese state-backed hackers in early December 2023. Identified as CVE-2023-46805, CVE-2024-21887, CVE-2024-21888, and CVE-2024-21893, these flaws put customer networks
Latest News: Cybersecurity
The first-ever Pwn2Own Automotive competition has concluded with hackers collectively earning a staggering $1,323,750 by exposing 49 zero-day vulnerabilities, primarily in Tesla vehicles. Organized by Trend Micro's Zero Day Initiative (ZDI) during the Automotive World conference, the event in
The BianLian ransomware group, notorious for its evolving strategies, has now intensified its focus on the healthcare and manufacturing sectors in the United States and Europe. This move signals a significant threat to data security and operational stability in these critical
In a series of coordinated cyberattacks, state-backed hackers have been exploiting critical zero-day vulnerabilities in Ivanti Connect Secure, a widely used VPN appliance. The vulnerabilities, identified as CVE-2023-46805 and CVE-2024-21887, have put numerous organizations at
Researchers have uncovered critical vulnerabilities in the POST SMTP Mailer WordPress plugin, which potentially puts over 150,000 websites at risk of takeover by malicious actors. The vulnerabilities were first reported by cybersecurity researchers Ulyses Saicha and Sean Murphy as part of
In a troubling development in cybersecurity, multiple information-stealing malware families have been found exploiting an undocumented Google OAuth endpoint, identified as "MultiLogin," to regenerate expired authentication cookies. This discovery, initially made by a developer named PRISMA in
McAfee's Mobile Research Team has uncovered a sophisticated Android backdoor, dubbed “Xamalicious”, that has compromised an estimated 338,300 devices worldwide. The malicious software, developed using Xamarin, an open-source framework for building Android and iOS apps with .NET and C#, has been
Europol and ENISA (European Union Agency for Cybersecurity), national law enforcement from 17 countries, and private sector allies have uncovered a massive digital skimming campaign affecting 443 online merchants. Digital skimming, a form of cyberattack, involves stealing credit card information
Android users have something to worry about this holiday season, as a new variant of the Chameleon banking trojan has been identified. Concerningly, it’s capable of bypassing any biometric security measures to steal PINs and passwords. According to ThreatFabric, which first reported the malware, it
A novel attack technique known as SMTP Smuggling has been discovered, allowing hackers to bypass traditional email authentication protocols and send spoofed emails from trusted domains. This technique, uncovered by Timo Longin, a senior security consultant at SEC Consult, exploits vulnerabilities