Stay up-to-date with the latest cybersecurity news and developments in the cybersecurity landscape. Be the first to know about the latest threats, current innovations, and major trends in the cyber universe. Check our Cyber News section for the freshest information.
Cybersecurity researchers at Qualys have uncovered a significant new threat in the IoT security landscape – the Murdoc botnet, a sophisticated variant of the notorious Mirai malware. Since its emergence in July 2024, this malicious network has successfully compromised more than 1,370 devices, primarily targeting systems in Southeast Asia and Latin America, marking a concerning … Read more
Kaspersky Lab’s security researchers have uncovered multiple critical vulnerabilities in the first-generation Mercedes-Benz MBUX infotainment system, highlighting significant cybersecurity concerns in modern vehicle infrastructure. The comprehensive security audit revealed potential attack vectors that could compromise various vehicle functions and user data. Detailed Technical Analysis and Research Methodology The investigation, conducted on a Mercedes B180 vehicle, … Read more
In a significant cybersecurity development, Cloudflare has successfully defended against the largest distributed denial-of-service (DDoS) attack ever recorded, peaking at an unprecedented 5.6 terabits per second. The attack, orchestrated through a Mirai botnet comprising approximately 13,000 compromised devices, targeted a major Internet Service Provider in East Asia on October 29, 2024. Technical Analysis of the … Read more
In a landmark decision that has sent ripples through the cybersecurity and cryptocurrency communities, former President Donald Trump has granted a full pardon to Ross Ulbricht, the founder of the notorious darknet marketplace Silk Road. This executive action marks a pivotal moment in the intersection of technology, law enforcement, and digital currency regulation. The Rise … Read more
Cybersecurity researchers have uncovered severe vulnerabilities in widely-used tunneling protocols, potentially compromising the security of more than 4.26 million devices worldwide. The discovery affects VPN servers, routers, and various network infrastructure components, presenting significant risks to organizational and personal network security. Understanding the Scope and Nature of the Vulnerabilities Research conducted by KU Leuven’s Professor … Read more
A significant security vulnerability has been discovered in the widely-used WordPress plugin W3 Total Cache, potentially affecting over one million active installations worldwide. The security flaw, tracked as CVE-2024-12365, enables attackers with minimal access privileges to gain unauthorized control over critical website functions, posing a substantial risk to website integrity and user data. Understanding the … Read more
The U.S. Department of Treasury has implemented significant sanctions against Chinese cyber threat actors, specifically targeting hacker Yin Kechen and Sichuan Juxinhe Network Technology Co., LTD, following a series of sophisticated cyber espionage campaigns against critical U.S. infrastructure. This enforcement action represents a decisive response to what security experts identify as a state-sponsored cyber offensive. … Read more
A significant security vulnerability has been discovered in ChatGPT’s API infrastructure that enables threat actors to launch powerful DDoS attacks using just a single HTTP request. Security researcher Benjamin Flesch identified this critical flaw, which exploits ChatGPT’s backend attribution system to amplify attack traffic dramatically. Understanding the Technical Vulnerability The security flaw resides in the … Read more
Cybersecurity researchers at Imperva have uncovered a sophisticated large-scale malicious campaign leveraging Python-based bots to compromise PHP web servers. The attack campaign primarily targets Indonesian web infrastructure to promote illegal gambling operations through compromised legitimate websites. GSocket Deployment and Attack Infrastructure The investigation revealed millions of suspicious requests originating from Python clients attempting to install … Read more
Security researchers at Trend Micro have identified a significant security vulnerability (CVE-2025-0411) in the widely-used 7-Zip file archiver that compromises Windows’ Mark of the Web (MotW) security feature. This critical flaw enables potential attackers to circumvent essential Windows security protocols, potentially exposing users to malicious code execution. Understanding Mark of the Web and Its Security … Read more
