security

Fortinet Cyber Security Update Fails; Zero-Day Exploited by Threat Actors
A week ago, Cyber Security firm Fortinet pushed out a security update to fix a high-severity security vulnerability CVE-2022-41328, allowing threat actors to execute unauthorized commands or…

Bitwarden Password Manager’s Autofill Feature Vulnerable to iframe-based Credential Theft
Bitwarden's Autofill Feature Poses Major Security Threat as Flaw Exposes Credentials to Malicious Iframe, Reveals Flashpoint's Analysts

BidenCash Leak: 2M+ Credit/Debit Cards with Personal Info Exposed
Security researchers at Cyble spotted a leaked database of about 2,165,700 (Debit & credit cards) by BidenCash, celebrating its first anniversary. For those who don't know, BidenCash…

ProxyShellMiner Malware Exploits Vulnerabilities for Cryptocurrency Mining
In a new malware discovery named ProxyShellMiner, the malware exploits the ProxyShell vulnerabilities to install cryptocurrency miners all around the Windows domain to make a profit for…

W4SP Stealer Found on PyPi Index, Threatening Crypto Wallets & Browser Passwords
A threat actor uploaded five malicious packages containing ‘W4SP Stealer’ information-stealing malware to Python Package Index (PyPi Index) from January 27 to January 29, 2023. The security…

Russian Threat Actors Target Cryptocurrency with Enigma Malware
Threat Actors from Russia are running a campaign that targets East Europeans working in the cryptocurrency industry by using fake job offers and aiming to infect the…

New Royal Trojan Variant Discovered, Targets VMware ESXi Virtual Machines
A security researcher named Will Thomas at Equinix Threat Analysis Centre (ETAC) discovered a new variant of the Royal Trojan which is performed using a command line.…

Attackers Abusing OneNote Attachments to Spread RAT Malware
Over the years, Threat actors have been deploying malware in emails via malicious Microsoft Word and Excel attachments, which then launch macros to download & install the…

Cybercriminals Selling ‘Hook’ Android Malware for Remote Control of Smartphones
In a report by ThreatFabric, An Android Malware by the name of ‘Hook’ is being sold by cybercriminals who brag that it can remotely take control of…

Hackers Breach CircleCi’s Systems via Engineer’s Infected 2FA-Backed SSO
CircleCi, a popular CI/CD (Continuous Integration & Continuous Development) platform used for DevOps practices revealed that it suffered a security exploit. In December last year, an engineer…