TanyaB
CVE/vulnerability
Cisco AnyConnect VPN Server Vulnerability Allows Attackers to Trigger DoS
Cisco has disclosed a significant vulnerability in its AnyConnect VPN Server for Meraki MX and Z Series devices, allowing authenticated attackers to trigger denial-of-service (DoS) conditions.The flaw (CVE-2025-20212)...
Android
New Trinda Malware Targets Android Devices by Replacing Phone Numbers During Calls
Kaspersky Lab has uncovered a new version of the Triada Trojan, a sophisticated malware targeting Android devices.This variant has been found pre-installed in...
Browser
DarkCloud Stealer Uses Weaponized .TAR Archives to Target Organizations and Steal Passwords
A recent cyberattack campaign leveraging the DarkCloud stealer has been identified, targeting Spanish companies and local offices of international organizations across various industries.The...
CVE/vulnerability
SonicWall Firewall Vulnerability Enables Unauthorized Access
Researchers from Bishop Fox have successfully exploited CVE-2024-53704, an authentication bypass vulnerability that affects SonicWall firewalls.This critical flaw allows remote attackers to hijack active SSL...
cyber security
Russian Seashell Blizzard Targets Organizations Using Custom-Built Hacking Tools
Seashell Blizzard, also known as APT44, Sandworm, and Voodoo Bear, has emerged as a sophisticated adversary targeting critical sectors worldwide.Associated with Russia's Military...
Cyber Attack
EvilCorp and RansomHub Collaborate to Launch Worldwide Attacks on Organizations
EvilCorp, a sanctioned Russia-based cybercriminal enterprise, has been observed collaborating with RansomHub, one of the most active ransomware-as-a-service (RaaS) operations.This partnership has heightened the...
AI
AI-Powered Gray Bots Target Web Applications with Over 17,000 Requests Per Hour
Web applications are facing a growing challenge from "gray bots," a category of automated programs that exploit generative AI to scrape vast amounts of...
Cyber Security News
New Web Skimming Attack Exploits Legacy Stripe API to Validate Stolen Card Data
A sophisticated web-skimming campaign has been discovered, leveraging a deprecated Stripe API to validate stolen credit card data before exfiltration.This novel strategy ensures that...
Join our community of SUBSCRIBERS and be part of the conversation.
To subscribe, simply enter your email address on our website or click the subscribe button below. Don't worry, we respect your privacy and won't spam your inbox. Your information is safe with us.