Apache StreamPark, the popular streaming application development framework, has released a security advisory addressing multiple vulnerabilities, urging users to upgrade to version 2.1.4 for enhanced protection. A critical vulnerability, identified as CVE-2024-29120, has been...
The Japanese exchange DMM Bitcoin suffered a cyberattack, resulting in the theft of over $300 million in cryptocurrency. The primary suspect in this case is the notorious North Korean hacker group, Lazarus Group. The...
In recent years, cybercriminals have increasingly exploited malicious applications for Android. One of the recent significant threats, according to researchers from Palo Alto Networks, is a new form of malware known as BadPack. The...
Apache StreamPipes, a widely-used Industrial IoT toolbox, has addressed three vulnerabilities that could expose users to serious security risks, including remote code execution, account hijacking, and server-side request forgery (SSRF). Race Condition Leads to...
Apache Superset, a popular open-source data exploration and visualization platform used by countless organizations worldwide, has been found to contain a SQL injection vulnerability (CVE-2024-39887). This vulnerability could allow attackers to bypass security measures...
Cybersecurity researchers have unveiled two malicious packages on the npm platform, harboring backdoor code designed to execute commands from a remote server. The suspicious packages, christened “img-aws-s3-object-multipart-copy” and “legacyaws-s3-object-multipart-copy,” were downloaded 190 and 48...
McAfee experts have unearthed a novel malware distribution method dubbed “Clickfix.” Malefactors employ this technique to lure users to malicious websites and coerce them into executing harmful scripts. “Clickfix” constitutes a sophisticated form of...
SonicWall specialists have uncovered a new wave of phishing attacks disseminating the DarkGate malware. Threat actors are employing PDF files masquerading as invoices to infect victims’ computers. This campaign is aimed at propagating the...
Information has surfaced about a new exploit called “Collateral Damage” targeting Xbox Series X, Xbox Series S, and Xbox One gaming systems. This tool, crafted by the talented hackers Emma Kirkpatrick and Lander Brandt,...
Researchers at Check Point have reported that the Iranian hacker group MuddyWater has intensified its attacks on Israel, utilizing a previously undocumented backdoor called BugSleep. The cybercriminals from MuddyWater often employ phishing campaigns through...
The American pharmaceutical giant Rite Aid has confirmed a data breach following a cyberattack that occurred in June. The ransomware group RansomHub has claimed responsibility for the company’s compromise. Rite Aid is the third-largest...
On July 11, a sophisticated attack on domain registries disrupted numerous decentralized finance (DeFi) applications. Users were massively redirected to malicious websites, causing alarm among both users and DeFi protocol developers. Blockchain security platform...
