Blog

A new malware campaign has been identified targeting Android users in India. This sophisticated attack distributes malicious APK packages to compromise personal and financial information. The malware, available as a Malware-as-a-Service (MaaS) offering, underscores the evolving threat landscape in the digital age. …

Race conditions arise when there is no insufficient synchronization with a shared resource allowing multiple threads to access it simultaneously. The use of synchronization primitives such as mutexes, spinlock, etc. prevents these race conditions, However, researchers have discovered a new …

Researchers discovered multiple vulnerabilities in Google’s Gemini Large Language Model (LLM) family, including Gemini Pro and Ultra, that allow attackers to manipulate the model’s response through prompt injection. This could potentially lead to the generation of misleading information, unauthorized access to confidential …

A vulnerability, CVE-2023-36049 has been identified in the Microsoft .NET Framework and Visual Studio, posing a serious threat to the integrity of FTP servers. If exploited, this flaw could allow attackers to write or delete files, compromising the security of applications and …

Microsoft has disclosed that Russian government hackers, identified as the group Midnight Blizzard, have successfully infiltrated its corporate email systems and stolen source codes. The tech giant recently discovered unauthorized access attempts that were made using information obtained from a previous …

Rust’s strong focus on memory safety, which prevents common vulnerabilities such as buffer overflows, makes it a choice for threat actors to use Rust-based backdoors. Moreover, the performance of this language is appealing to many, and due to this, they …

Hackers are exploiting the versatility of SVG (Scalable Vector Graphics) files to distribute the GUloader malware. Understanding hostile actors’ techniques and tools is essential to staying ahead in the ever-changing cybersecurity field. Its stealthy methods and ability to elude detection …

Reserve Bank of India (RBI) has warned against the dangers of “juice jacking,” a cyberattack targeting mobile users who charge their devices at public USB ports. This advisory underscores the growing threat cybercriminals pose in public spaces such as airports, …

A new botnet named “COVID BOTNET” is being advertised on the dark web, claiming to target NATO servers and the broader Western digital infrastructure. The creators of this botnet are boasting about its ability to bypass anti-DDoS (Distributed Denial of …

A new post on a hacker forum has advertised the sale of a WordPress 0-day exploit. The seller claims that the exploit, packaged as a PHP script, can be used with a WordPress plugin to upload a shell to approximately 110,000 affected …