SOCRadar® Cyber Intelligence Inc. | Complex RCE Vulnerability (CVE-2023-39143) in PaperCut Application Servers
Aug 07, 2023

Complex RCE Vulnerability (CVE-2023-39143) in PaperCut Application Servers PaperCut NG and PaperCut MF are extensively utilized software solutions for print management servers. CVE-2023-39143 refers t...

SOCRadar® Cyber Intelligence Inc. | Critical Microsoft Power Platform Vulnerability: Proactive Security Methods to Prevent Exploitation
Aug 07, 2023

Critical Microsoft Power Platform Vulnerability: Proactive Security Methods to Prevent Exploitation Microsoft fixed a critical vulnerability in its Power Platform after facing criticism for the delaye...

SOCRadar® Cyber Intelligence Inc. | Threat Actors Employ New Phishing Tactic Using Google AMP
Aug 04, 2023

Threat Actors Employ New Phishing Tactic Using Google AMP Researchers have uncovered a highly effective phishing tactic, which utilizes Google AMP (Accelerated Mobile Pages). Google AMP is an open-sou...

SOCRadar® Cyber Intelligence Inc. | Living Off the Land (LOTL): The Invisible Cyber Threat Lurking in Your System
Aug 03, 2023

Living Off the Land (LOTL): The Invisible Cyber Threat Lurking in Your System [Update] January 10, 2024: “Countering Living Off the Land (LOTL) Attack Methods with AI and ML” ...

SOCRadar® Cyber Intelligence Inc. | Top 10 Ransomware Demands
Aug 02, 2023

Top 10 Ransomware Demands In cyberspace, few threats rival ransomware attacks’ pervasive and destructive nature. As our interconnected world grows, these digital extortionists demonstrate unpara...

SOCRadar® Cyber Intelligence Inc. | P2Pinfect: A Worm-Like Botnet Malware Targeting Redis Deployments
Aug 01, 2023

P2Pinfect: A Worm-Like Botnet Malware Targeting Redis Deployments Researchers have identified an unknown group of hackers employing a novel strain of malware named “P2Pinfect” to target pu...

SOCRadar® Cyber Intelligence Inc. | DepositFiles Config File Exposes Multiple Databases: Users’ Privacy at Risk
Jul 31, 2023

DepositFiles Config File Exposes Multiple Databases: Users’ Privacy at Risk DepositFiles, a well-known web hosting service, left its environment configuration file publicly accessible, leading to unau...

SOCRadar® Cyber Intelligence Inc. | Android Vulnerabilities That Do Not Get Fixed Function as a Zero-Day
Jul 31, 2023

Android Vulnerabilities That Do Not Get Fixed Function as a Zero-Day Maddie Stone of Google’s Threat Analysis Group (TAG) authored the fourth annual year-in-review of zero-day vulnerabilities that att...

SOCRadar® Cyber Intelligence Inc. | Collective Security in Cyberspace with NATO
Jul 28, 2023

Collective Security in Cyberspace with NATO The North Atlantic Treaty Organization (NATO) is an intergovernmental military alliance formed to ensure collective defense and security for its member nati...

SOCRadar® Cyber Intelligence Inc. | New Advanced Attack Technique Exploiting “search-ms” URI Protocol Handler
Jul 28, 2023

New Advanced Attack Technique Exploiting “search-ms” URI Protocol Handler The Windows operating system boasts a robust search feature for locating files and folders; there also is a less-known element...

SOCRadar® Cyber Intelligence Inc. | Nitrogen: A Malware Campaign Leveraging Search Ads
Jul 27, 2023

Nitrogen: A Malware Campaign Leveraging Search Ads Researchers have uncovered a new initial access malware campaign dubbed “Nitrogen”. This campaign employs Google and Bing search ads to promote fake ...

SOCRadar® Cyber Intelligence Inc. | The Phishing Risks of Twitter's Name Change to X
Jul 26, 2023

The Phishing Risks of Twitter’s Name Change to X In today’s digital playground, social media swings both ways, offering a fun-filled space for individuals to connect and share, while also ...

SOCRadar® Cyber Intelligence Inc. | Russia-Linked APT Group Gamaredon Starting Extortion 30-50 Minutes After First Initial Access
Jul 26, 2023

Russia-Linked APT Group Gamaredon Starting Extortion 30-50 Minutes After First Initial Access The threat group, Gamaredon, linked to Russia, has been observed engaging in data exfiltration activities ...

SOCRadar® Cyber Intelligence Inc. | VMware Responses to the Critical CVE-2023-20891 Vulnerability Exposing CF API Admin Credentials
Jul 25, 2023

VMware Responses to the Critical CVE-2023-20891 Vulnerability Exposing CF API Admin Credentials Virtual machines have revolutionized the world of cybersecurity, offering a myriad of benefits to cybers...

SOCRadar® Cyber Intelligence Inc. | RCE Vulnerability in OpenSSH’s SSH-Agent Forwarding: CVE-2023-38408
Jul 25, 2023

RCE Vulnerability in OpenSSH’s SSH-Agent Forwarding: CVE-2023-38408 SSH-Agent is a widely used program that holds private keys for public key authentication, providing a secure and convenient way to l...

SOCRadar® Cyber Intelligence Inc. | Critical Zero-Day in Ivanti EPMM (Formerly MobileIron Core) Is Actively Exploited (CVE-2023-35078)
Jul 25, 2023

Critical Zero-Day in Ivanti EPMM (Formerly MobileIron Core) Is Actively Exploited (CVE-2023-35078) Ivanti, a U.S. IT software company, has resolved an actively exploited zero-day authentication bypass...

SOCRadar® Cyber Intelligence Inc. | Critical Vulnerabilities in Atlassian and Apple Products: Apple Zero-Day Actively Exploited (CVE-2023-38606)
Jul 25, 2023

Critical Vulnerabilities in Atlassian and Apple Products: Apple Zero-Day Actively Exploited (CVE-2023-38606) Atlassian and Apple have each promptly addressed critical vulnerabilities threatening their...

SOCRadar® Cyber Intelligence Inc. | Zero-Days (CVE-2023-26077, CVE-2023-26078) in Atera Windows Installers
Jul 24, 2023

Zero-Days (CVE-2023-26077, CVE-2023-26078) in Atera Windows Installers Recent revelations have exposed critical zero-day vulnerabilities in Atera Windows installers. Cyber attackers could potentially ...

SOCRadar® Cyber Intelligence Inc. | Google Partially Patches Cloud Build’s Critical Design Flaw: Bad.Build
Jul 24, 2023

Google Partially Patches Cloud Build’s Critical Design Flaw: Bad.Build Researchers discovered a critical security design flaw in Google Cloud Build, which they dubbed as “Bad.Build”. The d...

SOCRadar® Cyber Intelligence Inc. | First-Known Targeted Open-Source Supply Chain Attacks Strike the Banking Sector
Jul 22, 2023

First-Known Targeted Open-Source Supply Chain Attacks Strike the Banking Sector The cybersecurity threat landscape continues to witness new and sophisticated threats, and the banking sector is no exce...
