CISA Adds Apache OFBiz Incorrect Authorization Vulnerability to Known Exploited Vulnerabilities Catalog
CISA has flagged the critical Apache OFBiz Incorrect Authorization Vulnerability, which allows remote code execution without authentication, as a known exploited vulnerability and urges organizations to update to version 18.12.15 to prevent potential breaches.
North Korean-Aligned Threat Groups Targeting npm Ecosystem with Malicious Packages
Cybersecurity researchers have observed a significant increase in malicious activity from North Korean-aligned threat groups targeting the npm ecosystem with coordinated campaigns known as “Contagious Interview” and “Moonstone Sleet”.
Critical Zero-Day Vulnerability in AVTECH AVM1203 Cameras Exploited for Five Years
A zero-day vulnerability in AVTECH AVM1203 security cameras has been actively exploited for five years, posing a high-severity risk to organizations.
Russian Hackers Target Government Officials with Safari and Chrome Exploits
APT29, also known as Midnight Blizzard, conducted exploit campaigns targeting Apple Safari and Google Chrome browsers, utilizing n-day exploits to steal information from government officials and employees.
Vietnamese Human Rights Non-Profit Targeted by APT32 Malware Campaign
APT32, also known as OceanLotus, launches a sophisticated multi-year malware campaign against a Vietnamese human rights organization, highlighting the group’s persistent efforts to compromise systems for potentially malicious purposes.
Rise in Emotionally Manipulative Online Scams Poses Threat to Cryptocurrency Market
Online fraudsters are shifting towards more targeted and emotionally manipulative schemes, such as pig butchering scams, posing a significant threat to individuals and the cryptocurrency market.
Iran-Sponsored Cyber Espionage Group Fox Kitten Collaborating with Ransomware Groups since 2017
Fox Kitten, an Iranian state-backed cyber espionage group, has been actively collaborating with ransomware groups since at least 2017, targeting various US entities and selling access to compromised networks on underground forums.
Missouri Man Arrested for Attempted Data Extortion Against Former Employer
Daniel Rhyne, a core infrastructure engineer, was arrested for attempting a data extortion campaign against his former employer by gaining unauthorized access to company systems and demanding a ransom of 20 Bitcoin.
Latest Cybernews
Exposed Servers Highlight Risks of Insecure Systems and Data Protection
Security researcher Naphtali Deutsch identifies risks associated with exposed servers, including OpenAI and Pinecone API keys, GitHub access tokens, and database passwords, urging organizations to prioritize security measures to safeguard sensitive information.
CISA Issues Urgent Warning on Apache OFBiz Incorrect Authorization Vulnerability
CISA warns of critical Apache OFBiz vulnerability allowing remote code execution by unauthenticated attackers.
Fortra Releases FileCatalyst Workflow 5.1.7 to Address Critical Security Vulnerabilities
Fortra has released version 5.1.7 of its FileCatalyst Workflow software to address critical security vulnerabilities, including CVE-2024-6632 and CVE-2024-6633, which could compromise data integrity and allow unauthorized access.
BlackByte Ransomware Group Targets VMware ESXi Bug with New Tactics
The BlackByte ransomware group, a splinter group of Conti, has updated its tactics to target core infrastructure and evade detection by exploiting an authentication bypass vulnerability in VMware ESXi.
South Korean Cyber-Espionage Group APT-C-60 Exploits Zero-Day Vulnerabilities in Kingsoft WPS Office for Windows
APT-C-60, aligned with South Korea, targets victims in East Asia by exploiting critical zero-day vulnerabilities in Kingsoft WPS Office for Windows.
Critical Security Flaw Discovered in WPML Multilingual CMS Plugin for WordPress
Authenticated users with Contributor-level access and above can remotely execute arbitrary code due to the CVE-2024-6386 vulnerability in the WPML Multilingual CMS plugin.