Thursday, February 6, 2025

Browser

FlexibleFerret Malware Attacking macOS Users, Evading XProtect Detections

A new macOS malware variant, dubbed "FlexibleFerret," has been identified targeting developers and job seekers as part of an ongoing North Korean phishing campaign.Despite Apple’s recent signature updates...

Lazarus Group Exploits Trusted Apps for Data Theft via Dropbox

In an alarming development, North Korea’s infamous Lazarus Group has been linked to a global cyber espionage campaign, code-named Operation Phantom Circuit.Beginning in September...

New RDP Exploit Allows Attackers to Take Over Windows and Browser Sessions

Cybersecurity experts have uncovered a new exploit leveraging the widely used Remote Desktop Protocol (RDP).This vulnerability enables attackers to gain unauthorized control over Windows...

New Apple SLAP & FLOP Side-Channel Attacks Let Attackers Steal Login Details From Browser

Researchers from the Georgia Institute of Technology and Ruhr University Bochum have uncovered two novel speculative execution attacks, named SLAP (Speculative Data Attacks via...

New Cookie Sandwich Technique Allows Stealing of HttpOnly Cookies

The "Cookie Sandwich Attack" showcases a sophisticated way of exploiting inconsistencies in cookie parsing by web servers.This technique allows attackers to manipulate HTTP...

New Supply Chain Attack Targeting Chrome Extensions to Inject Malicious Code

A sophisticated supply chain attack targeting Chrome browser extensions has come to light, potentially compromising hundreds of thousands of users.The attack, which unfolded...