Surge in Magento 2 template attacks exploiting the CVE-2022-24086 flaw
Sansec researchers warn of a surge in hacking attempts targeting a critical Magento 2 vulnerability tracked as CVE-2022-24086. Sansec researchers...
hacking
SCodeScanner – Stands For Source Code Scanner Where The User Can Scans The Source Code For Finding The Critical Vulnerabilities
SCodeScanner stands for Source Code scanner where the user can scans the source code for finding the Critical Vulnerabilities. The...
Australian Telecoms company Optus discloses security breach
Australian telecoms company Optus disclosed a data breach, threat actors gained access to former and current customers. Optus, one of...
AttachMe: a critical flaw affects Oracle Cloud Infrastructure (OCI)
A critical vulnerability in Oracle Cloud Infrastructure (OCI) could be exploited to access the virtual disks of other Oracle customers....
A 15-Year-Old Unpatched Python bug potentially impacts over 350,000 projects
More than 350,000 open source projects can be potentially affected by a 15-Year-Old unpatched Python vulnerability More than 350,000 open...
Atlassian Confluence bug CVE-2022-26134 exploited in cryptocurrency mining campaign
Threat actors are targeting unpatched Atlassian Confluence servers as part of an ongoing crypto mining campaign. Trend Micro researchers warn...
OSRipper – AV Evading OSX Backdoor And Crypter Framework
OSripper is a fully undetectable Backdoor generator and Crypter which specialises in OSX M1 malware. It will also work on...
A disgruntled developer is the alleged source of the leak of the Lockbit 3.0 builder
A disgruntled developer seems to be responsible for the leak of the builder for the latest encryptor of the LockBit...
Over 39K unauthenticated Redis services on the internet targeted in cryptocurrency campaign
Threat actors targeted tens thousands of unauthenticated Redis servers exposed on the internet as part of a cryptocurrency campaign. Redis,...
Hackers stole $160 Million from Crypto market maker Wintermute
Threat actors have stolen around $160 million worth of digital assets worth from crypto trading firm Wintermute. Malicious actors continue to...
U.S. gov adds more Chinese Telecom firms to the Covered List
The U.S. Federal Communications Commission (FCC) has added more Chinese telecom firms to the Covered List. The U.S. Federal Communications...
Imperva blocked a record DDoS attack with 25.3 billion requests
Cybersecurity company Imperva announced to have mitigated a distributed denial-of-service (DDoS) attack with a total of over 25.3 billion requests....
Russian Sandworm APT impersonates Ukrainian telcos to deliver malware
Russia-linked APT group Sandworm has been observed impersonating telecommunication providers to target Ukrainian entities with malware. Russia-linked cyberespionage group Sandworm...
Uber believes that the LAPSUS$ gang is behind the recent attack
Uber disclosed additional details about the security breach, the company blames a threat actor allegedly affiliated with the LAPSUS$ hacking...
Analyzing IP Addresses to Prevent Fraud for Enterprises
How can businesses protect themselves from fraudulent activities by examining IP addresses? The police would track burglars if they left...
Kam1n0 – Assembly Analysis Platform
Kam1n0 v2.x is a scalable assembly management and analysis platform. It allows a user to first index a (large) collection...
American Airlines disclosed a data breach
American Airlines disclosed a data breach, threat actors had access to an undisclosed number of employee email accounts. American Airlines recently suffered...
IT giants warn of ongoing Chromeloader malware campaigns
VMware and Microsoft are warning of a widespread Chromeloader malware campaign that distributes several malware families. ChromeLoader is a malicious...
Revolut security breach: data of +50,000 users exposed
Revolut has suffered a cyberattack, threat actors have had access to personal information of tens of thousands of customers. The financial...
CATS – REST API Fuzzer And Negative Testing Tool For OpenAPI Endpoints
REST API fuzzer and negative testing tool. Run thousands of self-healing API tests within minutes with no coding effort!Comprehensive: tests...
Alleged Grand Theft Auto 6 (GTA6) gameplay videos and source code leaked online
Threat actors leaked source code and gameplay videos of Grand Theft Auto 6 (GTA6) after they have allegedly breached Rockstar...
TeamTNT is back and targets servers to run Bitcoin encryption solvers
AquaSec researchers observed the cybercrime gang TeamTNT hijacking servers to run Bitcoin solver since early September. In the first week...
Experts warn of critical flaws in Flexlan devices that provide WiFi on airplanes
Researchers discovered two critical vulnerabilities (CVE–2022–36158 and CVE–2022–36159) in Flexlan devices that provide WiFi on airplanes. Researchers from Necrum Security...
Netgear Routers impacted by FunJSQ Game Acceleration Module flaw
Multiple Netgear router models are impacted by an arbitrary code execution via FunJSQ, which is a third-party module for online...
