Cybercriminals use free software to deploy malware.

In order to transmit a malware loader known as Hijack Loader, which then deploys an information stealer known as Vidar Stealer, threat actors are luring unsuspecting consumers by offering free or pirated versions of commercial software. “Adversaries had managed to trick users into…


0 Comments7 Minutes

ASUS Patches Multiple Router Models.

The company has addressed a significant security weakness affecting ASUS routers through the release of software upgrades. Malicious actors might exploit this flaw to circumvent authentication. The vulnerability, under the identifier CVE-2024-3080, receives a CVSS score of 9.8 out of a possible…


0 Comments4 Minutes

What to do when you get a phishing email?

So you got a suspicious email and you clicked on it. Don’t panic just yet. Phishing emails are designed to trick you into revealing sensitive information or installing malicious software on your device. They’re undoubtedly cunning, but understanding what to do next can save you from a potential…


0 Comments8 Minutes

Cryptojackers Exploit Misconfigured Kubernetes Clusters

Cybersecurity researchers have warned of an ongoing cryptojacking campaign exploiting misconfigured Kubernetes clusters to mine Dero money. Cloud security firm Wiz, which revealed the activity, stated that it is an enhanced version of a financially motivated operation previously identified by…


0 Comments3 Minutes

Apple Debuts Private Cloud Compute to Enhance AI Privacy

Apple has unveiled a “groundbreaking cloud intelligence system” named Private Cloud Compute (PCC), aimed at managing artificial intelligence (AI) workloads in the cloud while upholding privacy standards. The tech giant described PCC as the “most advanced security architecture ever…


0 Comments6 Minutes

More_eggs Malware Hidden in Fake Resumes

Cybersecurity experts have discovered a phishing attempt that distributes the More_eggs virus by masquerading as a resume, a tactic first identified more than two years ago. The attempted attack targeted an undisclosed industrial services company in May 2024, according to Canadian cybersecurity…


0 Comments6 Minutes

Urgent PHP Fix for Windows Users

Details have emerged about a major new security vulnerability in PHP that could be exploited to achieve remote code execution under certain conditions. The vulnerability, identified as CVE-2024-4577, is described as a CGI argument injection flaw affecting all PHP versions installed on the Windows…


0 Comments3 Minutes

TikTok Stars Fall Victim to Zero-Click DM Hacking

TikTok, a popular video-sharing website, has disclosed a security flaw that threat actors used to gain control of high-profile accounts on the platform. Semafor and Forbes were the first to report on the development, which outlined a zero-click account takeover effort that allows malware spread…


0 Comments5 Minutes

Python Developers Hit by Fake “Crytic-Compilers” Scam on PyPI

Cybersecurity experts discovered a malicious Python package posted to the Python Package Index (PyPI) repository intended to transmit an information stealer known as Lumma (aka LummaC2). You might be interested in: Rockwell’s Call to Disconnect ICS from Internet The package in question is…


0 Comments4 Minutes

Cox Modem Vulnerabilities Threaten Millions

Vulnerabilities in Cox modems, now patched, that permitted permission bypasses, may have been used as a springboard to gain unauthorized access to the devices and execute malicious commands. “This series of vulnerabilities demonstrated a way in which a fully external attacker, without any…


0 Comments5 Minutes