Security News

Midnight Blizzard Escalates Spear-Phishing Attacks On Over 100 Organizations
2024-10-31 18:10

Russian hackers, known as Midnight Blizzard, launch targeted spear-phishing on U.S. officials, exploiting RDP files to gain access to data.

qBittorrent fixes flaw exposing users to MitM attacks for 14 years
2024-10-31 15:11

qBittorrent has addressed a remote code execution flaw caused by the failure to validate SSL/TLS certificates in the application's DownloadManager, a component that manages downloads throughout...

LottieFiles supply chain attack exposes users to malicious crypto wallet drainer
2024-10-31 11:55

A scary few Halloween hours for team behind hugely popular web plugin LottieFiles is overcoming something of a Halloween fright after battling to regain control of a compromised developer account...

LottieFiles hacked in supply chain attack to steal users’ crypto
2024-10-31 09:02

The popular LottieFiles Lotti-Player project was compromised in a supply chain attack to inject a crypto drainer into websites that steals visitors' cryptocurrency. [...]

LottieFiles hit in npm supply chain attack targeting users' crypto
2024-10-31 09:02

LottieFiles announced that specific versions of its npm package carry malicious code that prompts users to connect their cryptocurrency wallets so they can be emptied. [...]

North Korean govt hackers linked to Play ransomware attack
2024-10-30 15:55

The North Korean state-sponsored hacking group tracked as 'Andariel' has been linked to the Play ransomware operation, using the RaaS to work behind the scenes and evade sanctions. [...]

North Korean Group Collaborates with Play Ransomware in Significant Cyber Attack
2024-10-30 15:44

Threat actors in North Korea have been implicated in a recent incident that deployed a known ransomware family called Play, underscoring their financial motivations. The activity, observed between...

Massive PSAUX ransomware attack targets 22,000 CyberPanel instances
2024-10-29 19:15

Over 22,000 CyberPanel instances exposed online to a critical remote code execution (RCE) vulnerability were mass-targeted in a PSAUX ransomware attack that took almost all instances offline. [...]

New Cisco ASA and FTD features block VPN brute-force password attacks
2024-10-26 14:31

Cisco has added new security features that significantly mitigate brute-force and password spray attacks on Cisco ASA and Firepower Threat Defense (FTD), helping protect the network from breaches...

Notorious Hacker Group TeamTNT Launches New Cloud Attacks for Crypto Mining
2024-10-26 09:06

The infamous cryptojacking group known as TeamTNT appears to be readying for a new large-scale campaign targeting cloud-native environments for mining cryptocurrencies and renting out breached...