Cyber News

Home > Cyber News

This category contains informative articles and news.
Cyber News about data breaches, online privacy and security, computer security threats, cybersecurity reports, vulnerability reports. News about the latest malware attacks.
Hot news about the security of Microsoft (Patch Tuesdays), Google, Android, Apple, Linux, and other big companies and software vendors.

CYBER NEWS
Operation PhantomBlu Phishing Attack Uses MS Documents to Deliver NetSupport RAT-min

Operation PhantomBlu Phishing Attack Uses MS Documents to Deliver NetSupport RAT

A sophisticated phishing campaign against U.S. organizations has been deploying a remote access trojan known as NetSupport RAT. Dubbed “Operation PhantomBlu,” the activity has been closely monitored by Israeli cybersecurity firm Perception Point. According to security researcher Ariel Davidpur, the…

CYBER NEWS
image contains text: CVE-2024-21412 Used in DarkGate Malware Campaigns-min

CVE-2024-21412 Used in DarkGate Malware Campaigns

A DarkGate malware campaign observed in mid-January 2024 has highlighted the exploitation of a recently patched security flaw in Microsoft Windows as a zero-day vulnerability, utilizing counterfeit software installers to propagate its nefarious payload. Trend Micro reported that during this…

CYBER NEWS
Nissan Oceania Attack Exposes 100,000 to Identity Theft

Nissan Oceania Attack Exposes 100,000 Victims to Identity Theft

In a recent cyber attack on Nissan Oceania’s systems, around 100,000 individuals in Australia and New Zealand have fallen victim to data theft, possibly orchestrated by the notorious Akira ransomware gang. The breach, which occurred in December 2023, has left…

CYBER NEWS
image contains text: March 2024 Patch Tuesday Significant Vulnerabilities

March 2024 Patch Tuesday: Significant Vulnerabilities

Microsoft has rolled out its latest batch of security fixes for March 2024 Patch Tuesday, addressing a total of 59 CVE-numbered vulnerabilities. The good news is that none of these vulnerabilities are currently known to be publicly exploited, offering a…

CYBER NEWS
Magnet Goblin Uses 1-Day Exploits to Drop Custom Malware on Linux, Windows-min

Magnet Goblin Uses 1-Day Exploits to Drop Custom Malware on Linux, Windows

A financially motivated cyber threat, dubbed “Magnet Goblin” by Check Point researchers, is leveraging known vulnerabilities in on public-facing services to distribute tailored malware to unpatched Windows and Linux systems. The Magnet Goblin threat actor, known for their persistent activity,…

CYBER NEWS
Intense DDoS Attacks against the French Government Raise Concerns

DDoS Attacks against the French Government Raise Concerns

The French Prime Minister’s office declared on Monday that several government agencies had fallen victim to severe cyberattacks of “intense” magnitude, commencing late Sunday night. While the precise nature of these assaults remains unconfirmed, indications point towards distributed-denial-of-service (DDoS) attacks…

CYBER NEWS
CVE-2024-20337 Allows Unauthorized Access to VPN Sessions

CVE-2024-20337 Allows Unauthorized Access to VPN Sessions

Cisco unveiled patches aimed at rectifying a high-severity security flaw discovered within its Secure Client software. This vulnerability, identified as CVE-2024-20337, poses a significant risk, allowing malicious actors to exploit it for unauthorized access to VPN sessions of targeted users.…

CYBER NEWS
Snake Python-Based Information Stealer Targets Facebook Users-min

Snake Python-Based Information Stealer Targets Facebook Users

A new threat has emerged targeting unsuspecting Facebook users. Dubbed “Snake,” this Python-based information stealer is engineered to infiltrate systems and capture sensitive data through Facebook messages. Python-based Snake Info Stealer Variants in the Wild According to Cybereason researcher Kotaro…

CYBER NEWS
Apple Fixes Actively Exploited Zero-Days in iOS (CVE-2024-23225)

Apple Fixes Actively Exploited Zero-Days in iOS (CVE-2024-23225)

Apple has taken measures to address two zero-day vulnerabilities detected in iOS, which were actively exploited in the wild. The tech giant promptly issued emergency security updates to patch the vulnerabilities. CVE-2024-23225 and CVE-2024-23296 Acknowledging the severity of the situation,…

CYBER NEWS
225K+ ChatGPT Credentials on Dark Web for Sale

225K+ ChatGPT Credentials on Dark Web for Sale

A recent report by Group-IB has unveiled concerning statistics regarding compromised ChatGPT credentials. Between January and October 2023, over 225,000 logs containing these credentials were discovered on underground markets. These compromised credentials were identified within information stealer logs linked to…

CYBER NEWS
Bifrost RAT Now Equipped with a Linux Variant

Bifrost RAT Now Equipped with a Linux Variant

Researchers from Palo Alto Networks’ Unit 42 have uncovered a new variant of the long-standing Bifrost remote access trojan (RAT) specifically targeting Linux systems. This latest iteration of Bifrost introduces several innovative evasion techniques, posing a significant challenge to detection…

CYBER NEWS
Post-ChatGPT, Vishing, Smishing, Phishing Attacks Surge by 1,265%

Post-ChatGPT, Vishing, Smishing, Phishing Attacks Surge by 1,265%

The rise of generative AI has ushered in a new wave of cyber threats, particularly in the realm of mobile communication. Recent findings from Enea, a leading provider of network security solutions, shed light on the alarming vulnerability of enterprises…

CYBER NEWS
Pre-installed Malware Found on Chinese Acemagic Products-min

Pre-installed Malware Found on Chinese Acemagic Products

Chinese PC manufacturer Acemagic recently found itself embroiled in controversy after admitting that some of its products were shipped with pre-installed malware. The revelation came to light when YouTuber The Net Guy discovered malware on Acemagic mini PCs during testing…

CYBER NEWS
Hackers Exploit Calendly Links to Spread Malware on macOS-min

Hackers Exploit Calendly Links to Spread Malware on macOS

Cryptocurrency enthusiasts should be on the lookout, as malicious hackers are leveraging popular scheduling applications like Calendly to execute sophisticated scams. Recent reports highlight a concerning trend where attackers impersonate established cryptocurrency investors, initiating meetings through Calendly, ultimately leading to…

CYBER NEWS
CVE-2023-40000

CVE-2023-40000: LiteSpeed Plugin Flaw Exposes Millions of WordPress Sites

A concerning security vulnerability within a widely-used WordPress plugin, LiteSpeed Cache, has been detected. Tracked as CVE-2023-40000, this vulnerability has raised alarms due to its potential to enable unauthenticated users to escalate their privileges, posing significant risks to countless WordPress…

CYBER NEWS
APT29

APT29 Tactics Revealed: A Joint Advisory by Five Eyes Cybersecurity Agencies

Cybersecurity and intelligence agencies from the Five Eyes nations have issued a joint advisory shedding light on the evolving tactics of the notorious Russian state-sponsored threat actor, APT29. This hacking entity, known by various aliases including BlueBravo, Cloaked Ursa, Cozy…

CYBER NEWS
CVE-2024-1071

CVE-2024-1071: Ultimate Member Plugin Flaw Exposes WordPress Sites

The revelation of a critical security loophole within the widely deployed WordPress plugin, Ultimate Member, has sent shockwaves through the online community. Tracked as CVE-2024-1071 and discovered by security researcher Christiaan Swiers, this vulnerability has a staggering CVSS score of…

CYBER NEWS
CVE-2024-23204 Vulnerability in Apple's Shortcuts App-min

CVE-2024-23204: Vulnerability in Apple’s Shortcuts App

Details have emerged about a high-severity security flaw in Apple‘s Shortcuts app. This vulnerability, tracked as CVE-2024-23204, has the potential to grant shortcuts unauthorized access to sensitive data without user consent. Apple Shortcuts is an automation application for macOS and…

CYBER NEWS
CVE-2023-52160 Wi-Fi Flaws Expose Android and Linux Devices

CVE-2023-52160: Wi-Fi Flaws Expose Android and Linux Devices

Two authentication bypass vulnerabilities were uncovered in open-source Wi-Fi software utilized across Android, Linux, and ChromeOS devices. These vulnerabilities, identified as CVE-2023-52160 and CVE-2023-52161, present a concerning scenario where users could unwittingly connect to malicious networks or allow unauthorized access…

CYBER NEWS
The PrintListener Attack

PrintListener: Fingerprint Authentication Vulnerability Exposes Our Identities

Fingerprint authentication has widespread adoption in identity verification systems owing to its speed and cost-efficiency. However, the risk of fingerprint leakage poses serious security concerns, as outlined in a new research paper called “PrintListener: Uncovering the Vulnerability of Fingerprint Authentication…

This website uses cookies to improve user experience. By using our website you consent to all cookies in accordance with our Privacy Policy.
I Agree