WebView2 Exploited: CoinLurker Malware Targets Cryptocurrency Wallets
Attackers are targeting cryptocurrency using fake software update notifications to deploy a sophisticated stealer malware known as CoinLurker. Written in […]
Alert
Symlink Exploit in iOS and macOS Enables TCC Bypass
A vulnerability in Apple’s iOS and macOS has highlighted a serious flaw that allowed attackers to bypass the Transparency, Consent,
Malware Abuse of Windows UI Automation Framework Exposes EDR Blindspots
A new malware technique leverages Windows’ UI Automation (UIA) framework, enabling stealthy malicious operations while bypassing endpoint detection and response
Zero-Day Exploit in Cleo File Transfer Tools Sparks Global Security Alert
Cybersecurity experts are sounding the alarm after discovering widespread exploitation of a critical vulnerability in Cleo-managed file transfer software, affecting
AI Security Alert: Prompt Injection Flaws Exposed in DeepSeek and Claude AI
Recent discoveries have shed light on critical prompt injection vulnerabilities in AI-powered tools like DeepSeek and Anthropic’s Claude AI. If
Windows Zero-Day Exposes NTLM Credentials
A newly discovered Windows zero-day vulnerability has surfaced, enabling attackers to steal NTLM credentials with minimal user interaction. The flaw,
Mitel Patches Severe MiCollab Flaw Allowing Admin Access
A critical vulnerability in Mitel’s MiCollab software, now patched, has been revealed to enable attackers to gain unauthorized access to
BootKitty: The First Linux UEFI Bootkit Exploiting the LogoFAIL Flaw
A new form of UEFI malware, named BootKitty, has been discovered targeting Linux systems by exploiting a serious vulnerability known
Critical Flaws Found in Advantech Industrial Wi-Fi Access Points
Over 20 security vulnerabilities are discovered in Advantech EKI industrial Wi-Fi access points, with several posing critical risks. These flaws
Critical Flaws in WordPress Anti-Spam Plugin Put Over 200,000 Sites at Risk
Two critical vulnerabilities in the widely used WordPress plugin, Spam protection, Anti-Spam, and FireWall by CleanTalk, have been discovered, potentially
Russian RomCom Exploits Zero-Day Flaws in Firefox and Windows
In a sophisticated wave of cyberattacks, a Russia linked threat group RomCom has exploited two zero-day vulnerabilities—one in Mozilla Firefox
Hackers Exploit Avast Anti-Rootkit Driver to System Takeover
In a concerning development, cybercriminals are leveraging an old, vulnerable version of Avast’s Anti-Rootkit driver to disable security defenses and
Apple Urges Users to Update Devices Amid Active Zero-Day Exploits
Apple has rolled out critical security updates for its ecosystem, covering iOS, iPadOS, macOS, visionOS, and the Safari browser. These
PAN-OS Firewall Vulnerability Actively Exploited: Its Critical
Palo Alto Networks has confirmed active exploitation of a critical zero-day vulnerability in its PAN-OS firewall management interface. This flaw,
CISA Alerts on Critical Vulnerability in Palo Alto Networks Expedition Tool
Cybersecurity and Infrastructure Security Agency (CISA) has reported that a critical vulnerability in Palo Alto Networks’ Expedition tool is being