Cyber Attack
HellCat and Morpheus Ransomware Share Identical Payloads for Attacks
The cybersecurity landscape witnessed a surge in ransomware activity during the latter half of 2024 and into early 2025, with the emergence of operations...
Cyber Attack
Critical Vulnerability in Next.js Framework Exposes Websites to Cache Poisoning and XSS Attacks
A new report has put the spotlight on potential security vulnerabilities within the popular open-source framework Next.js, demonstrating how improper caching mechanisms can lead...
Browser
New Cookie Sandwich Technique Allows Stealing of HttpOnly Cookies
The "Cookie Sandwich Attack" showcases a sophisticated way of exploiting inconsistencies in cookie parsing by web servers.This technique allows attackers to manipulate HTTP...
Botnet
Murdoc Botnet Exploiting AVTECH Cameras & Huawei Routers to Gain Complete Control
Researchers have identified an active malware campaign involving a Mirai botnet variant, dubbed Murdoc, which has been targeting AVTECH cameras and Huawei HG532 routers...
Browser
New Supply Chain Attack Targeting Chrome Extensions to Inject Malicious Code
A sophisticated supply chain attack targeting Chrome browser extensions has come to light, potentially compromising hundreds of thousands of users.The attack, which unfolded...
CVE/vulnerability
Hackers Deploy Web Shell To Abuse IIS Worker And Exfiltrate Data
An attacker exploited a vulnerability in the batchupload.aspx and email_settings.aspx pages on the target server that allowed them to upload a malicious web shell...
Cyber Attack
5,000 WordPress Sites Hacked in New WP3.XYZ Malware Attack
Widespread malware campaigns detected by side crawlers exploit vulnerabilities on multiple websites where the intrusion method remains under investigation, with no common entry point...
Backdoor
QSC: Multi-Plugin Malware Framework Installs Backdoor on Windows
The QSC Loader service DLL named "loader.dll" leverages two distinct methods to obtain the path to the Core module code.It either extracts the...