Cyber News

Home > Cyber News

This category contains informative articles and news.
Cyber News about data breaches, online privacy and security, computer security threats, cybersecurity reports, vulnerability reports. News about the latest malware attacks.
Hot news about the security of Microsoft (Patch Tuesdays), Google, Android, Apple, Linux, and other big companies and software vendors.

CYBER NEWS
Bifrost RAT Now Equipped with a Linux Variant

Bifrost RAT Now Equipped with a Linux Variant

Researchers from Palo Alto Networks’ Unit 42 have uncovered a new variant of the long-standing Bifrost remote access trojan (RAT) specifically targeting Linux systems. This latest iteration of Bifrost introduces several innovative evasion techniques, posing a significant challenge to detection…

CYBER NEWS
Post-ChatGPT, Vishing, Smishing, Phishing Attacks Surge by 1,265%

Post-ChatGPT, Vishing, Smishing, Phishing Attacks Surge by 1,265%

The rise of generative AI has ushered in a new wave of cyber threats, particularly in the realm of mobile communication. Recent findings from Enea, a leading provider of network security solutions, shed light on the alarming vulnerability of enterprises…

CYBER NEWS
Pre-installed Malware Found on Chinese Acemagic Products-min

Pre-installed Malware Found on Chinese Acemagic Products

Chinese PC manufacturer Acemagic recently found itself embroiled in controversy after admitting that some of its products were shipped with pre-installed malware. The revelation came to light when YouTuber The Net Guy discovered malware on Acemagic mini PCs during testing…

CYBER NEWS
Hackers Exploit Calendly Links to Spread Malware on macOS-min

Hackers Exploit Calendly Links to Spread Malware on macOS

Cryptocurrency enthusiasts should be on the lookout, as malicious hackers are leveraging popular scheduling applications like Calendly to execute sophisticated scams. Recent reports highlight a concerning trend where attackers impersonate established cryptocurrency investors, initiating meetings through Calendly, ultimately leading to…

CYBER NEWS
CVE-2023-40000

CVE-2023-40000: LiteSpeed Plugin Flaw Exposes Millions of WordPress Sites

A concerning security vulnerability within a widely-used WordPress plugin, LiteSpeed Cache, has been detected. Tracked as CVE-2023-40000, this vulnerability has raised alarms due to its potential to enable unauthenticated users to escalate their privileges, posing significant risks to countless WordPress…

CYBER NEWS
APT29

APT29 Tactics Revealed: A Joint Advisory by Five Eyes Cybersecurity Agencies

Cybersecurity and intelligence agencies from the Five Eyes nations have issued a joint advisory shedding light on the evolving tactics of the notorious Russian state-sponsored threat actor, APT29. This hacking entity, known by various aliases including BlueBravo, Cloaked Ursa, Cozy…

CYBER NEWS
CVE-2024-1071

CVE-2024-1071: Ultimate Member Plugin Flaw Exposes WordPress Sites

The revelation of a critical security loophole within the widely deployed WordPress plugin, Ultimate Member, has sent shockwaves through the online community. Tracked as CVE-2024-1071 and discovered by security researcher Christiaan Swiers, this vulnerability has a staggering CVSS score of…

CYBER NEWS
CVE-2024-23204 Vulnerability in Apple's Shortcuts App-min

CVE-2024-23204: Vulnerability in Apple’s Shortcuts App

Details have emerged about a high-severity security flaw in Apple‘s Shortcuts app. This vulnerability, tracked as CVE-2024-23204, has the potential to grant shortcuts unauthorized access to sensitive data without user consent. Apple Shortcuts is an automation application for macOS and…

CYBER NEWS
CVE-2023-52160 Wi-Fi Flaws Expose Android and Linux Devices

CVE-2023-52160: Wi-Fi Flaws Expose Android and Linux Devices

Two authentication bypass vulnerabilities were uncovered in open-source Wi-Fi software utilized across Android, Linux, and ChromeOS devices. These vulnerabilities, identified as CVE-2023-52160 and CVE-2023-52161, present a concerning scenario where users could unwittingly connect to malicious networks or allow unauthorized access…

CYBER NEWS
The PrintListener Attack

PrintListener: Fingerprint Authentication Vulnerability Exposes Our Identities

Fingerprint authentication has widespread adoption in identity verification systems owing to its speed and cost-efficiency. However, the risk of fingerprint leakage poses serious security concerns, as outlined in a new research paper called “PrintListener: Uncovering the Vulnerability of Fingerprint Authentication…

CYBER NEWS
LockBit Operation Cronos

Operation Cronos: the End of LockBit Ransomware?

Law enforcement agencies from 11 countries have joined forces to dismantle the notorious LockBit ransomware operation in a collaborative effort known as Operation Cronos. This coordinated action marks a significant blow against cybercriminal activity, with the National Crime Agency of…

CYBER NEWS
Private Network Access Chrome Feature Protects Home Networks

Private Network Access Chrome Feature Protects Home Networks

Google is rolling out a new feature aimed at thwarting malicious websites from exploiting vulnerabilities within users’ internal networks. This innovative safeguard is designed to shield devices such as printers and routers, traditionally deemed safe within home networks, from potential…

CYBER NEWS
MrAgent New Tool for Ransomware Attacks on ESXi Servers-min

MrAgent: New Tool for Ransomware Attacks on ESXi Servers

Among the latest developments in the field of ransomware innovations is the emergence of ‘MrAgent,’ a new tool unleashed by the RansomHouse ransomware operation. The tool is designed to automate the deployment of the data encrypter across multiple VMware ESXi…

CYBER NEWS
GoldPickaxe iOS Trojan Extracts Facial Recognition Data, Uses Deepfakes

GoldPickaxe iOS Trojan Extracts Facial Recognition Data, Uses Deepfakes

A Chinese-speaking threat actor known as GoldFactory has emerged as a significant player, responsible for the development of highly sophisticated banking trojans. Among its arsenal is a previously undocumented iOS malware named GoldPickaxe, capable of extracting sensitive personal data including…

CYBER NEWS
CVE-2024-21410 Microsoft Exchange Server Flaw Exploited in the Wild

CVE-2024-21410: Microsoft Exchange Server Flaw Exploited in the Wild

Microsoft has confirmed the exploitation of a critical security vulnerability in Exchange Server which was addressed in February 2024 Patch Tuesday. This acknowledgment comes just a day after the company issued fixes for the flaw as part of its routine…

CYBER NEWS
Microsoft's February 2024 Patch Tuesday

Microsoft’s February 2024 Patch Tuesday Fixes 2 Zero-Days

Microsoft’s February 2024 Patch Tuesday is already a fact, bringing forth a number of security updates. This month’s release addresses a total of 73 flaws, with a particular focus on tackling two actively exploited zero-day vulnerabilities that have been causing…

CYBER NEWS
CVE-2023-43770 in Roundcube Email Software Exploited in the Wild

CVE-2023-43770 in Roundcube Email Software Exploited in the Wild

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) recently added a vulnerability in the Roundcube email software to its Known Exploited Vulnerabilities (KEV). Identified as CVE-2023-43770 with a CVSS score of 6.1, this cross-site scripting (XSS) vulnerability has been actively…

CYBER NEWS
Raspberry Robin Malware Uses N-Day Exploits, Advanced Evasion

Raspberry Robin Malware Uses N-Day Exploits, Advanced Evasion

Recent iterations of the Raspberry Robin malware have raised alarm among cybersecurity experts due to their increased stealth and utilization of one-day (n-day, or known) exploits targeting vulnerable systems. These exploits, designed to leverage recently patched vulnerabilities, capitalize on delays…

CYBER NEWS
RustDoor macOS Backdoor Linked to Ransomware Groups

RustDoor macOS Backdoor Linked to Ransomware Groups

Security researchers have uncovered a new sophisticated backdoor targeting macOS and dubbed RustDoor also known as Trojan.MAC.RustDoor. Operative since November 2023, this malicious software, identified by Bitdefender, operates under the guise of a Microsoft Visual Studio update, posing a grave…

CYBER NEWS
Hyundai Motor Europe Hit by Black Basta 3TB Data Stolen

Hyundai Motor Europe Hit by Black Basta: 3TB Data Stolen

Hyundai Motor Europe, the European division of Hyundai Motor Company, headquartered in Germany, has fallen victim to a devastating double extortion ransomware attack. The attack, perpetrated by the Black Basta ransomware gang, has resulted in the theft of three terabytes…

This website uses cookies to improve user experience. By using our website you consent to all cookies in accordance with our Privacy Policy.
I Agree