cyber security
LightSpy iOS Malware Enhanced with 28 New Destructive Plugins
The LightSpy threat actor exploited publicly available vulnerabilities and jailbreak kits to compromise iOS devices. The malware's core binaries were even signed with the same certificate used in jailbreak...
Cloud
Hardcoded Creds in Popular Apps Put Millions of Android and iOS Users at Risk
Recent analysis has revealed a concerning trend in mobile app security: Many popular apps store hardcoded and unencrypted cloud service credentials directly within their...
cyber security
GHOSTPULSE Hides Within PNG File Pixel Structure To Evade Detections
Recent campaigns targeting victims through social engineering tactics utilize LUMMA STEALER with GHOSTPULSE as its loader.By tricking victims into executing a series of...
cyber security
Hackers Abuse EDRSilencer Red Team Tool To Evade Detection
EDRSilencer, a red team tool, interferes with EDR solutions by blocking network communication for associated processes using the WFP, which makes it harder to...
Cyber Attack
CoreWarrior Malware Attacking Windows Machines From Dozens Of IP Address
Researchers recently analyzed a CoreWarrior malware sample, which spreads aggressively by creating numerous copies and connecting to various IP addresses.It establishes multiple backdoor connections...
cyber security
Threat Actor ProKYC Selling Tools To Bypass Two-Factor Authentication
Threat actors are leveraging a newly discovered deepfake tool, ProKYC, to bypass two-factor authentication on cryptocurrency exchanges, which is designed specifically for NAF (New...
cyber security
Mozilla Warns Of Firefox Zero-Day Actively Exploited In Cyber Attacks
A critical use-after-free vulnerability affecting Firefox and Firefox Extended Support Release (ESR) is being actively exploited in cyberattacks.With a CVSS base score of 9.8,...
cyber security
Critical Automative 0-Day Flaws Let Attackers Gain Full Control Over Cars
Recent discoveries in the automotive cybersecurity landscape have unveiled a series of critical zero-day vulnerabilities that could allow attackers to gain full control over...
cyber security
19.6K+ Public Zimbra Installations Vulnerable to Code Execution Attacks – CVE-2024-45519
A critical vulnerability in Zimbra's postjournal service, identified as CVE-2024-45519, has left over 19,600 public Zimbra installations exposed to remote code execution attacks.This vulnerability,...
cyber security
Overcoming Challenges in Endpoint Compliance
In an environment with a very high level of risk for cybersecurity, defense against the increasing complexity of cyberattacks is now the standard for...
cyber security
Hackers Attacking AI Agents To Hijacking Customer Sessions
Conversational AI platforms, powered by chatbots, are witnessing a surge in malicious attacks, which leverage NLP and ML are increasingly being used by businesses...