cyber attacks

CISA Adds Palo Alto Networks and SonicWall Flaws to Exploited Vulnerabilities List

Feb 19, 2025Ravie LakshmananThreat Intelligence / Vulnerability The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added two security flaws impacting Palo Alto Networks PAN-OS and SonicWall SonicOS SSLVPN to its Known Exploited Vulnerabilities…

New OpenSSH Flaws Enable Man-in-the-Middle and DoS Attacks — Patch Now

Feb 18, 2025Ravie LakshmananVulnerability / Network Security Two security vulnerabilities have been discovered in the OpenSSH secure networking utility suite that, if successfully exploited, could result in an active machine-in-the-middle (MitM) and a denial-of-service (DoS)…

Chinese Hackers Exploit MAVInject.exe to Evade Detection in Targeted Cyber Attacks

Feb 18, 2025Ravie LakshmananCyber Espionage / Malware The Chinese state-sponsored threat actor known as Mustang Panda has been observed employing a novel technique to evade detection and maintain control over infected systems. This involves the…

New FrigidStealer Malware Targets macOS Users via Fake Browser Updates

Feb 18, 2025Ravie LakshmananThreat Intelligence / Malware Cybersecurity researchers are alerting to a new campaign that leverages web injects to deliver a new Apple macOS malware known as FrigidStealer. The activity has been attributed to…

Juniper Session Smart Routers Vulnerability Could Let Attackers Bypass Authentication

Feb 18, 2025Ravie LakshmananVulnerability / Network Security Juniper Networks has released security updates to address a critical security flaw impacting Session Smart Router, Session Smart Conductor, and WAN Assurance Router products that could be exploited…

Debunking the AI Hype: Inside Real Hacker Tactics

Feb 18, 2025The Hacker NewsArtificial Intelligence / Cyber Defense Is AI really reshaping the cyber threat landscape, or is the constant drumbeat of hype drowning out actual, more tangible, real-world dangers? According to Picus Labs’…

Winnti APT41 Targets Japanese Firms in RevivalStone Cyber Espionage Campaign

Feb 18, 2025Ravie LakshmananMalware / Network Security The China-linked threat actor known as Winnti has been attributed to a new campaign dubbed RevivalStone that targeted Japanese companies in the manufacturing, materials, and energy sectors in…

New Xerox Printer Flaws Could Let Attackers Capture Windows Active Directory Credentials

Feb 18, 2025Ravie LakshmananVulnerability / Enterprise Security Security vulnerabilities have been disclosed in Xerox VersaLink C7025 Multifunction printers (MFPs) that could allow attackers to capture authentication credentials via pass-back attacks via Lightweight Directory Access Protocol…

Cybercriminals Exploit Onerror Event in Image Tags to Deploy Payment Skimmers

Feb 18, 2025Ravie LakshmananMalware / Website Hacking Cybersecurity researchers have flagged a credit card stealing malware campaign that has been observed targeting e-commerce sites running Magento by disguising the malicious content within image tags in…

Microsoft Uncovers New XCSSET macOS Malware Variant with Advanced Obfuscation Tactics

Feb 17, 2025Ravie LakshmananEndpoint Security / Malware Microsoft said it has discovered a new variant of a known Apple macOS malware called XCSSET as part of limited attacks in the wild. “Its first known variant…

« Previous
1
…
145
146
147
148
149
…
336
Next »