Sunday, April 6, 2025

cyber security

Mal.Metrica Malware Hijacks 17,000+ WordPress Sites

Infected websites mimic legitimate human verification prompts (CAPTCHAs) to trick users, who often request seemingly innocuous clicks, resembling past CAPTCHA challenges. Clicking initiates a malicious...

Hackers Exploit Microsoft Graph API For C&C Communications

An emerging threat leverages Microsoft's Graph API to facilitate command-and-control (C&C) communications through Microsoft cloud services. Recently, security analysts at Symantec discovered a previously undocumented...

ApacheMQ Authentication Flaw Let Unauthorized Users Perform Multiple Actions

Apache ActiveMQ is a Java based communication management tool for communicating with multiple components in a server.It is an open-source widely used messaging service...

68% of Data Breach Occurs Due to Social Engineering Attacks

In the latest edition of Verizon's Data Breach Investigations Report (DBIR) for 2024, a concerning trend has been highlighted, a significant 68% of data...

U.S. Govt Warns of Massive Social Engineering Attack from North Korean Hackers

The United States government has issued a stark warning about a new wave of social engineering attacks orchestrated by North Korean hackers.The Department...

Cisco IP Phone Vulnerability Let Attackers Trigger DoS Attack

Cisco has disclosed multiple vulnerabilities in its IP Phone firmware that could severely impact users by allowing unauthenticated, remote attackers to perform denial of...

Threat Actors Renting Out Compromised Routers To Other Criminals

APT actors and cybercriminals both exploit proxy anonymization layers and VPN nodes to mask their malicious activities, while Pawn Storm, a well-known APT group,...

New “Goldoon” Botnet Hijacking D-Link Routers to Use for Other Attacks

Security researchers at FortiGuard Labs discovered a new botnet in April that exploits a weakness in D-Link devices.Dubbed "Goldoon," this botnet has been observed...