News

The automotive industry is experiencing a surge in BEC and VEC attacks, a type of email scam designed to trick employees into transferring money or revealing sensitive information. A recent incident where a fraudster stole $37 million from Toyota Boshoku …

Kapeka, also known as KnuckleTouch, is a sophisticated backdoor malware that has been making waves in the cybersecurity world. Initially appearing in mid-2022, it wasn’t until 2024 that Kapeka was formally tracked due to its involvement in limited-scope attacks, particularly in Eastern …

A severe vulnerability has been discovered in the PuTTY client and related components, allowing attackers to fully recover NIST P-521 private keys. The PuTTY client generates heavily biased ECDSA nonces when using the NIST P-521 elliptic curve, causing the vulnerability …

The City of Wichita, Kansas, experienced a disruption when it fell victim to a ransomware attack. This cyber assault encrypted data across various city systems, prompting officials to shut down the affected networks as a containment measure. The attack has impacted several …

Oracle has released its Critical Patch Update (CPU) for April 2024, addressing 372 vulnerabilities across multiple products. The Critical Patch Update provides fixes for security flaws in widely-used Oracle products including Database Server, Fusion Middleware, Enterprise Manager, E-Business Suite, Supply …

International law enforcement agencies have successfully dismantled a notorious cybercrime platform, LabHost, which facilitated criminals in conducting phishing attacks to steal sensitive information such as passwords, addresses, and card details from unsuspecting victims worldwide. This collaborative effort underscores the increasing global commitment …

In a sophisticated cyber attack, hackers have been discovered impersonating LastPass employees in an elaborate phishing campaign designed to steal users’ master passwords and hijack their accounts. This alarming development was recently highlighted by LastPass on their official blog, shedding light on …

The FBI’s Internet Crime Complaint Center (IC3) has warned about a sophisticated smishing scam targeting drivers across multiple states. Since early March 2024, over 2,000 complaints have been filed with the IC3, detailing fraudulent text messages that masquerade as road …

A vulnerability was identified in the WordPress theme, “Responsive,” allowing attackers to inject arbitrary HTML content into websites. This flaw, as CVE-2024-2848, poses a severe risk to website integrity and user safety. CVE-2024-2848 – Arbitrary HTML Content Injection The vulnerability was specifically found …

A new type of malware dubbed “Wavestealer” has been identified. This malicious software reportedly steals sensitive information such as login credentials and credit card data from unsuspecting users. Wavestealer is designed to infiltrate computer systems silently and remains undetected by …