A critical vulnerability has been discovered in the popular LiteSpeed Cache plugin for WordPress, potentially allowing attackers to hijack user accounts. The vulnerability, designated CVE-2024-44000 with a CVSS score of 7.5, affects versions up...
In 2024, the number of hacking attacks targeting cryptocurrency projects continues to surge, with the total amount of stolen funds exceeding $1.2 billion, marking a 15.5% increase compared to 2023. One of the most...
Cisco has temporarily closed its branded merchandise online store after the discovery of malicious code that was stealing users’ data during the checkout process. The store, which sells clothing and accessories featuring the company...
Cisco Talos experts have uncovered that the red team framework MacroPack is being actively exploited by cybercriminals to disseminate malware such as Havoc, Brute Ratel, and the PhantomCore RAT trojan. During the analysis of...
Recently, security researcher Sergey Kornienko from PixiePoint published an analysis and demonstration of a critical zero-day vulnerability in the Windows kernel, identified as CVE-2024-38106. This privilege escalation vulnerability is already being actively exploited by...
D-Link has alerted its customers to the presence of four vulnerabilities, allowing for remote code execution (RCE), in the DIR-846W router model. These vulnerabilities affect all hardware versions and firmware, yet no patches will...
Since its emergence in February 2024, the ransomware group RansomHub has encrypted and stolen data from over 210 victims, according to U.S. authorities. Among the affected are organizations from diverse sectors, including water supply,...
Recently, a security researcher known by the pseudonym @hyprdude published an in-depth report on the vulnerability CVE-2024-20017, discovered in the network daemon wappd. This daemon is utilized in SDKs from MediaTek and SoftAP drivers...
In August of this year, researchers from Proofpoint uncovered an unusual campaign distributing malware, which the attackers have dubbed Voldemort. This malware is suspected of engaging in espionage, possessing capabilities for information gathering and...
Over the past year, 19 new top-level domains (TLDs) have been introduced, and a study conducted by Palo Alto Networks has revealed that these domains are being actively exploited for various cyberattacks. Among the...
Human Security has uncovered a significant scheme for monetizing pirated content through advertising networks. The perpetrators behind these sites place advertisements on pages hosting pirated content to generate revenue. Visitors to these sites become...
Researchers at Trend Micro have documented the exploitation of vulnerability CVE-2023-22527, which is being used to compromise Atlassian servers by installing the Godzilla backdoor. The flaw, rated CVSS 10.0, was discovered in Confluence Data...
