Quad7 Botnet Evolution: Targeting New Devices with Sophisticated Malware

The cybersecurity landscape is witnessing a significant evolution of the Quad7 botnet, as reported by Sekoia analysts. Initially known for targeting TP-Link and ASUS routers, Quad7 has now expanded its reach to include Zyxel VPN devices, Ruckus wireless routers, and Axentra media servers. This expansion marks a concerning development in the botnet’s capabilities and potential …

Microsoft Reveals North Korean Cyber Campaign Targeting Cryptocurrency Sector

Microsoft has unveiled a sophisticated cyber campaign orchestrated by North Korean threat actors, exploiting a recently patched Google Chrome zero-day vulnerability (CVE-2024-7971) to deploy the notorious FudModule rootkit. This revelation underscores the persistent threat posed by state-sponsored hacking groups to the global financial sector, particularly cryptocurrency organizations. Citrine Sleet: The Culprit Behind the Attacks Microsoft …

Windows Recall AI: Microsoft’s Controversial Feature Faces Unexpected Challenges

Microsoft’s Windows Recall AI feature, which sparked significant controversy upon its introduction, has once again become the center of attention in the cybersecurity community. Initially designed to enhance user experience by allowing easy access to previously viewed information, the feature has faced criticism from security experts and privacy advocates alike. Recent developments have added another …

Tusk Cybercrime Campaign: Sophisticated Attacks on Cryptocurrency and Personal Data

Kaspersky Lab analysts have uncovered a sophisticated cybercrime operation dubbed “Tusk,” targeting Windows and macOS users globally. This campaign, believed to be orchestrated by Russian-speaking threat actors, employs a combination of phishing, infostealers, and clipboard hijackers to pilfer cryptocurrency and sensitive personal information. The Anatomy of Tusk Attacks The Tusk campaign initiates its assault by …

Revival Hijack: How Cybercriminals Exploit Deleted PyPI Packages

Cybersecurity researchers at JFrog have uncovered a new attack vector dubbed “Revival Hijack,” exposing a significant vulnerability in the Python Package Index (PyPI). This discovery highlights the ongoing challenges in securing open-source software ecosystems and underscores the importance of vigilant package management practices. Understanding Revival Hijack Revival Hijack exploits a gap in PyPI’s package management …

BlindEagle Cyberspies Upgrade Arsenal with New Plugin and Brazilian File-Sharing Services

The notorious cybercriminal group BlindEagle, also known as APT-C-36, has been observed refining its tactics and expanding its reach across Latin America. First identified in 2018, this threat actor has recently updated its cyber espionage campaigns, primarily targeting individuals and organizations in Colombia and neighboring countries. Expanded Scope and Sophisticated Techniques According to recent findings …

FlightAware Reveals 3-Year Data Breach Affecting Millions of Users

In a concerning development for aviation enthusiasts and frequent travelers, FlightAware, the world’s largest flight tracking platform, has disclosed a significant data breach that persisted for three years. The Houston-based company, known for its real-time and historical flight data services, inadvertently exposed users’ personal information due to a configuration error. The Scope and Timeline of …

Zyxel Patches Critical Vulnerability in Business Routers and Other Products

Zyxel, a prominent networking equipment manufacturer, has recently released critical security patches addressing a severe vulnerability affecting several of its business router models. This vulnerability, identified as CVE-2024-7261, could potentially allow unauthenticated attackers to execute arbitrary commands on affected devices. The discovery and subsequent patching of this flaw underscore the ongoing importance of vigilant cybersecurity …

Unmasking the $10 Million AI Music Streaming Fraud

In a groundbreaking case that highlights the intersection of artificial intelligence and cybercrime, U.S. authorities have charged 52-year-old Michael Smith with defrauding major streaming services of over $10 million. This sophisticated scheme, which ran from 2017 to 2024, exploited AI technology to create hundreds of thousands of fake songs and manipulate play counts, raising serious …

Qilin Ransomware Group Adopts Custom Infostealer to Target Google Chrome Credentials

In a concerning development for cybersecurity professionals, the operators behind the Qilin ransomware have significantly upgraded their tactics. Sophos X-Ops researchers have uncovered a new custom infostealer deployed by the group, specifically designed to harvest credentials stored in Google Chrome browsers. This strategic shift marks a notable escalation in the threat landscape, potentially complicating future …