North Korean APT Kimsuky uses forceCopy malware to steal browser-stored credentials
Cacti, an open-source framework for network monitoring and fault management, has a critical security flaw that could allow an attacker to execute code remotely on vulnerable instances. The flaw is tracked as CVE-2022-26204 and has a CVSS rating of 9.1 out of a maximum score of 10. “Authenticated users can inject malware due to a bug
Critical Cacti Security Flaw CVE-2025-22604 Enables Remote Code execution
Ransomware attacks are occurring on an unprecedented scale, exposing vulnerabilities in the healthcare industry that put millions of people at risk. UnitedHealth recently revealed that 190 million Americans had their personal data and healthcare data stolen in the Change Healthcare ransomware attacks, nearly doubling the previous total. This breach shows how deeply ransomware penetrates.
How Interlock Ransomware infects healthcare organizations
Researchers from the Georgia Institute of Technology (GIT) and Ruhr University Bochum (Ruhr U. Bochum) have demonstrated two new side-channel attacks that target Apple silicon. These attacks could be used to leak sensitive data from web browsers such as Safari and Google Chrome. The attacks are codenamed Data Speculation Attacks by Load Address Prediction
The North Korean threat actor Lazarus Group was observed using a “web-based administration platform” to supervise its command-and-control (C2) infrastructure. This gave the adversary the capability to centrally oversee all aspects of their campaign. SecurityScorecard’s
Lazarus Group Controls Global Cyber Attacks Using React-Based Admin Panel
A Mirai botnet version dubbed Aquabot was observed actively trying to exploit a security flaw of medium severity impacting Mitel phones to ensnare those phones into a network that can mount distributed denial-of-service (DDoS) attacks. The vulnerability is CVE-2024-41710 (CVSS score 6.8). It is a case of command insertion in the boot process. This could
Three security flaws have been discovered in the open-source PHP package Voyager that an attacker could exploit to gain one-click remote execution of code on affected instances. In a report published earlier this week, Yaniv Nizry, a Sonar researcher, said that attackers could execute arbitrary code if an authenticated Voyager user clicks on a malicious
Unpatched PHP Voyager flaws leave servers open to RCE exploits with a single click