Latest News: Cybersecurity

Despite recent global law enforcement efforts, the notorious LockBit ransomware gang has made a swift comeback and launched a new leak site on the dark web. This move comes after a coordinated crackdown on the criminal group, which involved the FBI, the UK's National Crime Agency, Europol, and

In a landmark operation that marks a significant blow to global cybercrime, federal authorities from the United States and the United Kingdom, in collaboration with international partners, have successfully disrupted the operations of the notorious LockBit ransomware gang. The operation,

Security researchers have identified a widespread campaign where cybercriminals are misusing Google Cloud Run to disseminate banking trojans, namely the malware known as Astaroth, Mekotio, and Ousaban. As reported by Cisco Talos researchers, the first surge of misuse was observed in September

A critical vulnerability in the Bricks Builder theme for WordPress, tracked as CVE-2024-25600, has been actively exploited by hackers. The flaw, affecting over 25,000 websites, allows unauthenticated attackers to execute arbitrary PHP code on a site or server. It was discovered by a security

A newly discovered critical vulnerability in Microsoft Outlook, CVE-2024-21413, poses a significant threat to users by enabling remote code execution (RCE) through emails with malicious links. This flaw, identified by Check Point researcher Haifei Li, allows threat actors to bypass built-in

A new malware, named Ov3r_Stealer, is spreading through fake job advertisements on Facebook. Discovered by Trustwave SpiderLabs, the threat actors behind the malware target users by offering bogus management positions, leading them to download a weaponized PDF. Within the file, the user is directed

Mastodon, an open source and decentralized social media platform, is currently in the midst of a security alert. Cybersecurity experts have disclosed a critical vulnerability, dubbed CVE-2024-23832, that leaves millions of accounts at risk of being hijacked by malicious actors. The flaw scored a

Johnson Controls International, a leading multinational conglomerate, has reported a staggering $27 million in expenses tied to the remediation of a ransomware attack that occurred in September 2023. The attack, which was first reported by BleepingComputer, was orchestrated by the Dark Angels

In a recent development, Ivanti has warned of new zero-day vulnerabilities in its Connect Secure VPN appliance, first exploited by Chinese state-backed hackers in early December 2023. Identified as CVE-2023-46805, CVE-2024-21887, CVE-2024-21888, and CVE-2024-21893, these flaws put customer networks

The first-ever Pwn2Own Automotive competition has concluded with hackers collectively earning a staggering $1,323,750 by exposing 49 zero-day vulnerabilities, primarily in Tesla vehicles. Organized by Trend Micro's Zero Day Initiative (ZDI) during the Automotive World conference, the event in