Alert: Ravaging AcidPour Malware Strikes Linux x86 Devices
It has been discovered that a new variation of a data-erasing malware, known as AcidPour Malware, has been discovered in the wild. This particular variant is meant to particularly target Linux x86 machines. In a series of posts on X, Juan Andres Guerrero-Saade of SentinelOne stated that the…
0 Comments3 Minutes
ChatGPT Plugins from Third Parties May Cause Account Takeovers
According to cybersecurity researchers, threat actors attempting to obtain unauthorized access to sensitive data may use third-party plugins for OpenAI ChatGPT as a new avenue of attack. New study from Salt Labs suggests that security holes in ChatGPT and its ecosystem could let attackers install…
0 Comments7 Minutes
I Got Banned… Really!
I Got Banned… Really! Hey guys, Dan here. Soooooo. My awesome video on OSINT was tak3n d0wn! Well, what do you think?
0 Comments1 Minute
Fortinet Identifies Severe SQL Injection Vulnerability in FortiClientEMS Software
Fortinet recently issued a warning highlighting a critical vulnerability in its FortiClientEMS software. This vulnerability poses a significant risk, potentially enabling malicious actors to execute code on affected systems, which could lead to data breaches, system downtime, and other severe…
0 Comments4 Minutes
Cybercriminals Using GitHub and AWS to deploy STRRAT Trojans and VCURMS
A Java-based downloader is being maliciously employed in a recent phishing campaign aimed at distributing remote access trojans (RATs) such as VCURMS and STRRAT. Yurren Wan, a researcher at Fortinet FortiGuard Labs, stated that “the attackers stored malware on public services like Amazon Web…
0 Comments4 Minutes
WordPress Users Beware! Malware Strikes 3,900+ Sites via Popup Builder Plugin
A high-severity security hole in the Popup Builder plugin for WordPress is being used by a new malware operation to add harmful JavaScript code. It is said that over the last three weeks, the operation has infected over 3,900 sites. In a March 7 report, security expert Puja Srivastava said,…
0 Comments4 Minutes
Microsoft Reveals Russian Hackers Accessed Customer Secrets and Source Code
Midnight Blizzard, also known as APT29 or Cozy Bear, operates under Kremlin support and poses a significant threat. Following a breach detected in January 2024, they infiltrated Microsoft’s internal systems and accessed portions of its source code. “In recent weeks, we have seen…
0 Comments4 Minutes
Hacked WordPress sites are using visitors’ browsers for brute-force attacks.
New findings from Sucuri shows that threat actors are using malicious JavaScript injections to launch brute-force attacks against WordPress sites. According to Denis Sinegubko, a security researcher, the attacks are distributed brute-force attacks that “target WordPress websites from the…
0 Comments4 Minutes
Hackers use flaws in ConnectWise ScreenConnect to spread TODDLERSHARK malware.
North Korean threat actors have used the newly found security holes in ConnectWise ScreenConnect to spread a new piece of malware called TODDLERSHARK. A report from Kroll that was given to The Hacker News says that TODDLERSHARK is similar to other known Kimsuky malware like BabyShark and…
0 Comments4 Minutes
There are over 225,000 stolen ChatGPT credentials for sale on the dark web.
According to new research from Group-IB reveals a concerning trend between January and October 2023. During this period, an alarming number of over 225,000 stolen ChatGPT credentials were traded on illicit online platforms. These compromised credentials were found in logs associated with notorious…
0 Comments4 Minutes