cyber security
Subaru’s STARLINK Connected Car’s Vulnerability Let Attackers Gain Restricted Access
In a groundbreaking discovery on November 20, 2024, cybersecurity researchers Shubham Shah and a colleague unearthed a major security vulnerability in Subaru’s STARLINK connected vehicle service.The flaw allowed...
cyber security
Android Kiosk Tablets Vulnerability Let Attackers Control AC & Lights
A security flaw found in Android-based kiosk tablets at luxury hotels has exposed a grave vulnerability, potentially allowing attackers to control air conditioning, lighting,...
cyber security
Beware of Fake Captcha Verifications Spreading Lumma Malware
In January, Netskope Threat Labs uncovered a sophisticated global malware campaign leveraging fake CAPTCHA pages to deliver the Lumma Stealer malware.Lumma, a malware-as-a-service...
Cyber Attack
KEYPLUG Infrastructure Exposed: Server Configurations and TLS Certificates Revealed
In a recent technical investigation, researchers uncovered critical insights into the infrastructure linked to a suspected Chinese state-backed cyber actor referred to as "RedGolf."...
cyber security
PayPal Fined $2 Million Fine For Violating Cybersecurity Regulations
The New York State Department of Financial Services (NYDFS) has imposed a $2 million penalty on PayPal, Inc. for breaches of the state’s stringent...
Cyber Attack
HellCat and Morpheus Ransomware Share Identical Payloads for Attacks
The cybersecurity landscape witnessed a surge in ransomware activity during the latter half of 2024 and into early 2025, with the emergence of operations...
cyber security
Microsoft Unveils New Identity Secure Score Recommendations in General Availability
Microsoft has announced the general availability of 11 new Identity Secure Score recommendations in Microsoft Entra, aimed at bolstering organizational security and providing actionable...
cyber security
New Cookie Sandwich Technique Allows Stealing of HttpOnly cookies
A new attack technique known as the "cookie sandwich" has surfaced, raising significant concerns among cybersecurity professionals.This technique enables attackers to bypass the HttpOnly...
cyber security
The Growing Role of AI-Powered SAST in the Developer Toolkit
In today’s app dev world, where new apps and millions of lines of code are being deployed every day, the need for fast and...
cyber security
New Contacto Ransomware Evades AV Detection & Uses Windows Console for Execution
In early January 2025, a new ransomware strain identified as Contacto surfaced, showcasing advanced techniques designed to bypass conventional security measures.This analysis provides...
cyber security
Google’s “Sign in with Google” Flaw Exposes Millions of Users’ Details
A critical flaw in Google's "Sign in with Google" authentication system has left millions of Americans vulnerable to potential data theft.This vulnerability mainly...